Azure Identity Engineer (Entra ID)

About the role

Conditional access policies, Entra ID, hybrid identity. If those words excite you rather than bore you, keep reading. We need an identity specialist to lead Entra ID projects for our clients, from tenant setup to zero trust. You’ll own the whole thing: design it, build it, explain it to people who don’t know what a claim is, and make sure it works in production. No hand-offs to someone else to “implement your vision.” You do the work.

What you’ll do

• Design and implement Entra ID configurations for client environments
• Build conditional access policies and zero trust frameworks
• Configure SSO, MFA, and passwordless authentication
• Manage hybrid identity with Entra Connect (AD sync)
• Implement Privileged Identity Management (PIM) and access reviews
• Advise clients on identity governance and lifecycle management

What we’re looking for

• 3+ years of experience with Azure AD / Entra ID
• Strong knowledge of conditional access, PIM, and identity governance
• Experience with hybrid identity (on-prem AD to Entra ID sync)
• Understanding of OAuth 2.0, OIDC, and SAML protocols
• Experience with Microsoft 365 administration and licensing
• Comfortable explaining identity concepts to non-technical stakeholders
• Able to work independently and drive projects from design through to handover

Nice to have

• Microsoft certifications (SC-300, AZ-500, or MS-100/101)
• Experience with Entra External ID (B2B/B2C)
• PowerShell and Microsoft Graph API scripting
• Experience with third-party identity providers (Okta, Ping)
• Knowledge of compliance frameworks (Cyber Essentials, ISO 27001)
• Intune / endpoint management experience

What we won’t ask you to do

• Reset passwords all day (this isn’t a helpdesk role)
• Implement policies without understanding why they exist
• Navigate internal politics to get a simple change approved