Infrastructure Engineer

This senior-level role is responsible for designing, implementing, and operating enterprise identity and access management (IAM) capabilities. The position serves as the subject‑matter expert for Entra ID, Conditional Access, SSO, MFA, and modern zero-trust access technologies. The engineer will ensure secure access to corporate systems through strong authentication, least-privilege models, and automation-driven identity governance.

Key Responsibilities Identity & Access Architecture Design, implement, and operate IAM solutions aligned to zero trust and risk‑based access principles. Establish and enforce standards for SSO, MFA, Conditional Access, and access governance across cloud and on‑prem environments. Act as the technical authority for authentication patterns, identity lifecycle processes, and secure access workflows.

Administer Entra ID, including tenant configuration, access policies, and identity settings. Build and maintain Conditional Access policies based on user risk, device posture, and access context. Deliver SSO integrations for internal and SaaS applications, including onboarding, testing, deployment, and support.

Manage Entra ID enterprise applications—govern permissions, assignments, and access models. Oversee API permission governance, including Microsoft Graph scoping and consent workflows. Administer Zscaler ZPA to provide secure access to private applications, working closely with application teams.

Network & Access Control Configure and support Meraki switching and wireless systems, including monitoring and lifecycle management. Manage firewall and network access policies using FortiGate, with a focus on identity-centric access. Troubleshoot wired, wireless, and remote access connectivity issues in collaboration with security and infrastructure teams.

Conduct scheduled access reviews and partner with system owners to resolve gaps or policy concerns. Participate in cyber and third‑party risk assessments, addressing IAM-related findings. Develop and maintain metrics and reporting on platform health, access risks, and improvement areas.

Maintain procedures, standards, and documentation for IAM operations. Act as the primary escalation point for IAM incidents, outages, and related security events. Required Technical Qualifications Expert-level experience administering Entra ID , including identity configuration and policy management.

Deep experience building and operating Conditional Access policies aligned with least‑privilege and risk‑based models. Strong background implementing SSO and MFA at enterprise scale. Experience managing Entra ID Enterprise Applications , including permission governance and assignment models.

Familiarity with governing Microsoft Graph API permissions and consent workflows. Hands‑on experience with Zscaler ZPA . Working knowledge of OAuth , OpenID Connect , SAML , and LDAP .

Strong troubleshooting skills across authentication and authorization flows. Solid understanding of authentication‑related networking fundamentals Preferred Qualifications Experience with Microsoft Intune . Familiarity with Microsoft Purview .

PowerShell scripting and automation skills. Requirements Bachelor’s degree in computer science, Information Technology, or equivalent practical experience. 5+ years of experience in IAM or closely related infrastructure/security roles. Proven ability to lead cross‑functional initiatives while remaining technically hands‑on. #J-18808-Ljbffr