Entra Engineer

ModernaTX
Cambridge, MA

About The Position

The Role

Moderna is growing our Identity & Access Management (IAM) capabilities, and we’re looking for an experienced Entra ID Engineer to help build, secure, and support the future of authentication at Moderna. This role will focus on driving scalable identity solutions using Microsoft Entra ID, strengthening our MFA, and advancing our enterprise identity platform to support secure and scalable access for all users and applications. If you enjoy solving complex identity challenges, improving user experience, and building secure platforms that scale globally—this is the role for you.

Requirements

  • Bachelor’s degree in Computer Science, Information Security, or a related technical field, or equivalent hands-on experience.
  • 4–6 years of experience in IT, cybersecurity, or IAM, including direct experience supporting Entra ID / Azure AD.
  • Hands-on experience configuring and supporting SSO, MFA, Conditional Access, SCIM provisioning, and group-based access.
  • Strong troubleshooting and analytical skills with high attention to detail, especially when diagnosing authentication or access issues.
  • Experience documenting processes, maintaining operational consistency, and contributing to security-focused workflows.
  • Experience managing or supporting IAM-related tickets or identity lifecycle operations.
  • Experience managing custom claims, attributes, or scopes in an identity platform, and testing integrated application access flows.
  • Ability to communicate clearly, manage priorities, and collaborate effectively in a fast-paced environment.
  • Ability to work collaboratively in a team environment and take direction from senior technical leads.

Nice To Haves

  • Experience with Okta Workforce Identity Cloud, including SSO, MFA, Lifecycle Management, or API-based integrations—particularly valuable as Moderna migrates to Entra ID.
  • Experience with Okta Advanced Lifecycle Management, Okta Workflows, or expression-based mapping logic.
  • Understanding of Zero Trust, least privilege, access governance, and modern authentication best practices.
  • Knowledge of cloud environments (AWS, Azure, GCP) and how identity integrates with cloud-based applications and workloads.
  • Relevant certifications such as Microsoft SC-300 or Okta Certified Professional/Administrator are strongly preferred.
  • Experience working in regulated environments (GxP) is a plus.
  • Strong communication skills and a growth mindset—eager to learn, adapt, and advance IAM maturity at Moderna.

Responsibilities

  • Manage and support Entra ID as Moderna’s primary identity platform, including SSO, MFA, Conditional Access, and directory integrations.
  • Configure and maintain application integrations, ensuring secure and seamless access for internal teams and external partners.
  • Work with application developers to implement secure SSO integrations and support modern OAuth/OIDC authentication flows.
  • Work directly with Entra ID App Registrations and Enterprise Applications, including API permissions, app onboarding, and configuration updates.
  • Support external access and vendor collaboration by setting up secure B2B integrations, external identities, and sharing policies.
  • Drive continuous improvement of Entra ID integrations and identity services, including application onboarding, testing, and platform enhancements.
  • Support identity lifecycle processes, including provisioning, deprovisioning, group-based access, and SCIM integrations.
  • Troubleshoot authentication and access issues across Entra ID, Okta, and connected applications, partnering closely with vendors and application teams.
  • Manage incoming requests and incidents through ServiceNow, ensuring clear communication and timely resolution.
  • Maintain documentation, runbooks, and best practices to ensure smooth operations and audit readiness.
  • Assist with building and maintaining Conditional Access policies, ensuring strong alignment to Zero Trust principles.
  • Support governance of admin roles using Privileged Identity Management (PIM) and enforce least-privilege access.
  • Partner with cybersecurity, directory, and platform engineering teams to enhance identity governance, automation, and overall IAM maturity.
  • Implement and strengthen phishing-resistant authentication and Conditional Access policies.
  • Audit identity configurations, remediate security gaps, and reduce excessive permissions to maintain a least-privilege environment.

Benefits

  • Highly competitive and inclusive medical, dental, and vision coverage options
  • Dedicated guided healthcare coordination through Included Health that elevates healthcare planning for every kind of employee, including our LGBTQ+ employees and other underserved communities
  • Flexible Spending Accounts for medical expenses and dependent care expenses
  • Lifestyle Spending Account to help you engage in personal enrichment and self-care activities
  • Generous Paid Leave offerings, including at least 18 weeks of 100% paid parental leave for all new parents
  • Family care benefits, including subsidized backup care options and on-demand tutoring
  • Adoption, surrogacy, and family-planning benefits
  • Paid time off, including:
      • Vacation, sick time, and observed Company-wide holidays
      • Paid volunteer time to participate within your community
      • Discretionary winter holiday shut down
      • Paid 4-week sabbatical after 5 years, and every 3 years thereafter
  • Generous 401k match and Financial Planning supports
  • Moderna-paid Life, LTD, and STD insurance, as well as voluntary benefit options
  • Concierge service including home services research, travel booking, and entertainment requests
  • Free premium access to fitness, nutrition, and mindfulness classes including exclusive preferred pricing on Peloton fitness equipment
  • Free parking, subsidized parking, or subsidized commuter passes, depending on location
  • Location-specific perks and extras!


What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Number of Employees

5,001-10,000 employees
