Azure Specialist - Identity and Access Management

We're Hiring: Azure AD Specialist Location : PAN India (Preference for major tech hubs) Key Responsibilities : - Architect, implement, and manage solutions leveraging modern authentication protocols, including OAuth 2.0 and OpenID Connect, with a deep understanding of various grant types (Authorization Code with PKCE, Device Code, Hybrid Flow, Implicit Grant). - Design and implement secure token lifecycle management strategies for Access Tokens, Refresh Tokens, ID Tokens, and Primary Refresh Tokens (PRTs). - Drive the adoption and implementation of Single Sign-On (SSO) across cloud and on-premises applications, ensuring a seamless user experience. - Architect and deploy passwordless authentication solutions, including Windows Hello for Business (WHfB), FIDO2 security keys, and Azure AD Certificate-based Authentication. - Design, deploy, and manage Azure AD Connect synchronization configurations, including advanced filtering, attribute transformations, and synchronization rules. - Implement and maintain highly available Azure AD Connect environments with robust failover mechanisms. - Design, implement, and manage automated identity lifecycle management processes using the System for Cross-domain Identity Management (SCIM) 2.0 standard. - Onboard and configure SCIM-compliant applications (e.g., Slack, GitHub, ServiceNow) for automated user provisioning and de-provisioning. - Develop and maintain custom SCIM connectors for applications with proprietary APIs using PowerShell, Azure CLI, and Microsoft Graph API. - Architect, implement, and enforce granular Conditional Access policies to control access to resources based on user identity, location, device compliance, and application risk. - Configure and monitor Azure AD Identity Protection features to detect and respond to identity-based risks and vulnerabilities. - Implement and manage Azure AD Identity Governance features, including Access Reviews, Entitlement Management, and Privileged Identity Management (PIM). - Troubleshoot and resolve issues related to application integrations utilizing OAuth 2.0, OpenID Connect (OIDC), and SAML (Security Assertion Markup Language) for authentication and authorization. - Analyze authentication and authorization flows using tools like Fiddler and Postman. - Integrate Azure AD logs and security events with Azure Sentinel for proactive monitoring and threat detection. - Develop and utilize Kusto Query Language (KQL) queries for security analysis and alerting. - Participate in incident response activities related to identity and access management. - Develop and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and troubleshooting procedures. - Stay up-to-date with the latest Microsoft Entra ID features, security best practices, and industry trends. Our Tech Stack (Familiarity Required): - Microsoft Entra ID (Azure AD) : Core platform expertise is essential. - SCIM 2.0 : Deep understanding of the standard and its implementation. - PowerShell : For scripting and automation tasks. - Azure CLI : For managing Azure resources. - Microsoft Graph API : For programmatic interaction with Azure AD and other Microsoft 365 services. - Fiddler/Network Tracing Tools : For analyzing authentication flows. - Postman/API Testing Tools : For testing and troubleshooting API integrations. - Azure Sentinel : For security information and event management (SIEM). - Kusto Query Language (KQL) : For querying and analyzing data in Azure Sentinel and Log Analytics. What Were Looking For : - Minimum of 5 years of hands-on experience in Identity and Access Management (IAM) or cloud identity platforms, with a significant focus on Azure AD. - Deep and demonstrable understanding of modern authentication protocols, including OAuth 2.0 and OpenID Connect, and their various grant types. - Proven hands-on experience with device registration processes, Windows Hello for Business (WHfB) deployment and management, and the role of Primary Refresh Tokens (PRTs). - Significant experience with SCIM provisioning, including connecting to various SaaS applications and onboarding custom connectors using APIs. - Strong grasp of Conditional Access policies, Single Sign-On (SSO) configuration, and identity governance tools within Azure AD (Access Reviews, Entitlement Management, PIM). - Excellent troubleshooting skills in diagnosing and resolving authentication, authorization, and provisioning issues in complex environments. - Strong understanding of security best practices related to identity and access management. - Excellent communication (both written and verbal) and collaboration skills. - Ability to work independently and as part of a global team. Bonus Points For : - Microsoft certifications related to Azure Security or Identity (SC-300: Microsoft Identity and Access Administrator). - Experience with other IAM solutions or protocols (SAML, LDAP). - Experience with scripting languages beyond PowerShell (Python). - Familiarity with DevOps practices and infrastructure-as-code (IaC) tools. Title: Azure AD Specialist (ref:hirist.tech)

Location: bangalore, IN

Posted Date: 6/6/2025