Engineer - Cyber Security

About The Position

Requirements

• Proficiency and ability to function as a Microsoft Azure Security Engineer with a focus on Microsoft Entra ID.
• Practical experience with identity-related technologies such as Single-Sign-On (SSO) and System for Cross-Domain Identity Management (SCIM) synchronization.
• Strong security knowledge around multi-factor authentication practices, and related protections for users, secrets, services, applications, and resources.
• General understanding of cloud security best practices.
• Microsoft Azure Security Engineer Certification (AZ-500) or equivalent, demonstrable experience.
• Minimum of 2 years experience with Microsoft Entra ID.
• Software development proficiency in using application programming interfaces (APIs), including the Microsoft Graph API, generic/REST APIs, proprietary user management APIs/endpoints, and related operations with JSON objects.
• Proficiency with script-based languages including, but not limited to, PowerShell and Python.

Nice To Haves

• Experience creating Azure Logic Apps and/or Azure Functions.
• Experience with continuous integration and continuous development pipelines including integration with Azure Key Vault.
• Familiarity with *nix-based systems including AIX, iSeries, and Linux distributions, including familiarity with SSH.
• Experience with database systems and the SQL language, Microsoft SQL Server preferred.

Responsibilities

• Function as a Microsoft Azure Security Engineer; implement and manage best-practice security controls within Microsoft Entra ID including role-based access, protection, governance, and permission management.
• Strengthen core IAM principles by modernizing and creating advancements in Microsoft Azure with Privileged Identity Management (PIM), Just-In-Time (JIT) access, Conditional Access Policies, along with other secret/credential management technologies and concepts.
• Develop application identity management lifecycles for machine/nonhuman software workload identities, including Managed Identities, Service Principals, Encryption/API Keys, and others.
• Onboard, support, and migrate applications to utilize Single-Sign-On (SSO) and System for Cross-Domain Identity Management (SCIM) synchronization for automatic user provisioning/deprovisioning.
• Integrate applications with (Identity, Governance, and Administration) IGA tools and Service Management for related application access fulfillment.
• Provide user and group management services, and leverage latest authentication technologies and factors for end-to-end authentication flows.
• Perform operation and administration of security software which includes but is not limited to, On-premises and Cloud-Based Identity providers (IdPs), IGA Tooling, Microsoft Entra Connect Sync, Microsoft Entra Cloud Sync, Azure Key Vault, CyberArk Privilege Cloud, Security Orchestration tools, Maintenance scripts, and In-House/Custom Services/Integrations/Automations, among others.
• Respond to and resolve IAM and security-related incidents, including off hours on-call incident resolution identified as high priority. This requires 24x7 availability during the on call rotation.
• Participate in security incident response efforts to include remediation with an appropriate sense of urgency and criticality.
• Perform effective research for issues of actual or suspected security violations, fraud, or abuses.

Benefits

• Employee Discount
• Paid Time Off
• Medical | Dental | Vision Coverage
• 401(k) | Roth 401(k)
• Stock Purchase Plan
• Life Insurance
• Flexible Spending Account
• Opportunities for Advancement
• Tuition Reimbursement for Qualified Courses
• Strong Company Culture
• Employee Resource Groups