Domain Architect - IAM/M365

O'Reilly Auto Parts
Headquarters, KY
18d
Onsite

About The Position

The IAM/M365 Domain Architect is a hands-on technical leadership role. The IAM architect will focus on the implementation of Microsoft Entra and M365 services and the migration of existing solutions to the platform. More broadly, this role will involve defining enterprise-wide IAM strategies, guiding the organization's adoption of modern best practices across cloud and on-premises technologies, and driving innovation to support the business's strategic objectives. This role is located in Springfield, MO and will require on-site work on a regular basis.

Requirements

  • Experience with enterprise scale identity migrations
  • Familiarity with Okta, Active Directory, and OpenLDAP
  • Deep knowledge of modern authentication protocols including but not limited to OIDC/OAuth2, SAML, WSFED, etc.
  • Familiarity with modern authorization, session, and token handling patterns including but not limited to claims-based authorization, back-channel logout, token introspection, token refinement, etc.
  • Expert-level knowledge of Entra ID specifically, including but not limited to the features listed below:
      • Core Identity and Directory Services
          • Core Services (user/group/device)
          • Federated Identities
          • Custom attributes and schema extensions
          • Dynamic Groups
          • Directory role strategies for enterprise delegation
      • Authentication and Access Control
          • SSO
          • Conditional Access
          • Passwordless Authentication
          • B2B
      • Identity Protection and Risk
          • User Risk Detection
          • Sign-in Risk Detection
          • Using Risk with Conditional Access
          • Risk Remediation Policies
          • Supporting SIEM/SOAR integration
          • Logs and Forensics
      • Identity Governance and Administration
          • Access Reviews
          • Access Request Workflows
          • Time-Bound Access
          • Identity and Access Lifecycle (Mover/Joiner/Leaver)
          • Augmentation with Logic Apps and other automation technologies
      • Application Access and SSO
          • OIDC, OAuth2, SAML
          • Enterprise Applications
          • Application Registrations
          • API permissions and consent
          • Application Proxy
          • Token Configuration and Claims Refinement
      • Provisioning and Lifecycle
          • Guest Users
          • Cross Tenant access
          • External IDs
  • Substantial work experience with comprehensive job-related experience to a fully competent level in applicable area of expertise. (6 to 10 years)
  • Experience supervising and directing team members and utilizing resources to achieve specific end results within limited timeframes (1 to 3 years)

Nice To Haves

  • Retail Industry Experience with a strong understanding of store operations, merchandising, and omnichannel commerce.
  • Auto Parts Industry Knowledge, including familiarity with aftermarket supply chains, inventory management, and distribution networks.
  • Familiarity with Master Data Management (MDM) principles, architectures, and implementations.
  • Experience with international, multi-lingual product catalog solutions and localization strategies.
  • Experience with retail POS solutions and Commerce CMS platforms.
  • Experience with Warehouse Automation & Material Handling Solutions.

Responsibilities

  • Define and own IAM architecture for the enterprise ecosystem, emphasizing Microsoft identity solutions and vendor-neutral standards-based approaches.
  • Design, guide, and assist implementation of Microsoft cloud services emphasizing M365 and Entra ID features.
  • Partner with consultants and internal teams as the technical leader on the migration of identities, authorization data, and authentication mechanisms from various legacy and cloud solutions to Entra ID.
  • Design and implement hybrid and multi-cloud identity solutions, specifically Entra Multi-tenant Organization and other B2B solutions, ensuring compatibility and integration across regionally specific Entra tenants.
  • Define and map data integration strategies for employee and authorization data.
  • Integrate regulatory controls into enterprise identity and access solutions and processes.
  • Define overall enterprise identity protection strategies.
  • Map identity protection strategies into effective plans and technical implementations using both Microsoft and vendor-neutral approaches.
  • Design and enable identity-driven provisioning and deprovisioning across downstream systems using SCIM, JIT, event-based triggers, etc.
  • Define and design customized identity workflows like mover/joiner/leaver, access request, certifications, etc. primarily utilizing native Entra and Azure features.
  • Design and support the adoption of service principal and managed identity use patterns for non-human workloads.
  • Drive the standardization of OIDC and OAuth2 flows and the use of common shared authn and authz packages within the organization's overall software product development practices.
  • Create accessible detail-oriented architectural artifacts including but not limited to roadmaps, conceptual diagrams, sequence diagrams, requirement and decision logs, etc.
  • Participate in the organization's larger architecture practice as a compatibility and integration point for identity, access, and authorization.
  • Provide hands-on technical mentorship and implementation guidance for a team of identity engineers and developers.

Benefits

  • Competitive Wages & Paid Time Off
  • Stock Purchase Plan & 401k with Employer Contributions Starting Day One
  • Medical, Dental, & Vision Insurance with Optional Flexible Spending Account (FSA)
  • Team Member Health/Wellbeing Programs
  • Tuition Educational Assistance Programs
  • Opportunities for Career Growth