Job Summary:

We are seeking an experienced IDAM and PAM Security Engineer with deep expertise in Microsoft Azure Active Directory (Microsoft Entra) and Intune to join our Information Security team. This role is pivotal in securing our organization’s systems by leading the design, implementation, and management of our Identity and Access Management (IDAM) and Privileged Access Management (PAM) frameworks. The successful candidate will leverage their extensive knowledge of Microsoft Entra and Intune to enhance our security posture and ensure robust access controls across the enterprise.

Key Responsibilities:

1. Microsoft Entra and Intune Expertise:

• Lead the design, deployment, and administration of Microsoft Entra, including identity management, access control, and conditional access policies.
• Manage and optimize Intune for device management, ensuring secure and compliant configurations across all endpoints (Windows & MacOS Based).
• Integrate Microsoft Entra with third-party applications and services, ensuring seamless and secure single sign-on (SSO) experiences.

2. IDAM and PAM Implementation:

• Implement and maintain IDAM and PAM solutions with a strong focus on Microsoft technologies, including Microsoft Entra Privileged Identity Management (PIM) and other related tools.
• Develop and enforce policies and procedures related to identity and access management, with a specific emphasis on Microsoft Entra and Intune best practices.

3. Security Administration:

• Oversee identity lifecycle management within Microsoft Entra, including user provisioning, de-provisioning, and role-based access control (RBAC).
• Administer PAM solutions, ensuring that privileged accounts are managed, monitored, and secured within the Azure ecosystem.
• Conduct regular audits and reviews of Microsoft Entra and Intune configurations to ensure compliance with security policies and industry standards.

4. Incident Response and Risk Management:

• Lead response efforts for security incidents related to Microsoft Entra and Intune, including investigation, remediation, and reporting.
• Perform risk assessments focused on identity and device management, identifying vulnerabilities, and implementing mitigation strategies.
• Develop and maintain disaster recovery and business continuity plans specific to IDAM and PAM services, with a focus on Azure-based solutions.

5. Automation and Optimization:

• Automate IDAM and PAM processes using Azure Automation, PowerShell, and Intune scripts to improve efficiency and reduce manual workload.
• Continuously optimize the configuration and deployment of Microsoft Entra and Intune, staying current with Microsoft’s evolving features and security enhancements.

6. Compliance and Governance:

• Ensure all IDAM and PAM practices within Microsoft Entra and Intune comply with regulatory requirements and industry standards such as GDPR, HIPAA, and SOX.
• Maintain detailed documentation of configurations, policies, and procedures related to Microsoft Entra and Intune environments.
• Prepare for and assist in security audits and assessments related to identity and access management.

7. Training and Awareness:

• Provide specialized training and support to IT staff and end-users on Microsoft Entra and Intune, promoting best practices and security awareness.
• Develop and disseminate educational materials to increase understanding of security practices related to Microsoft identity and device management solutions.

Qualifications:

Education:

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field. Relevant certifications and equivalent work experience will be considered.

Experience:

• 5+ years of experience in cybersecurity with a focus on Identity and Access Management (IDAM) and Privileged Access Management (PAM).
• Extensive hands-on experience with Microsoft Entra, including identity management, SSO, MFA, and PIM.
• Strong expertise in deploying and managing Intune for device management, security policy enforcement, and compliance.

Certifications (Preferred):

• Microsoft Certified: Identity and Access Administrator Associate
• Microsoft Certified: Security, Compliance, and Identity Fundamentals
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Azure Solutions Architect Expert

Skills:

• Deep understanding of Microsoft Entra, including conditional access, identity protection, and secure hybrid identity deployments.
• Proficiency in Intune, including device compliance policies, app protection policies, and endpoint security.
• Strong scripting skills in PowerShell for automation within the Azure environment.
• Excellent problem-solving abilities and attention to detail.
• Strong communication skills, with the ability to convey complex technical concepts to a non-technical audience.
• Ability to work independently and collaborate effectively with cross-functional teams in a fast-paced environment.