Sr Technical Lead
March 19, 2026
IT Admin
April 17, 2026
Cloud Identity Engineer L3
Remote
Overview
We are looking to hire an Azure Cloud Engineer who is available to join immediately or within 30 days. This is a fully remote opportunity.
We are looking for an Expert Active Directory & Cloud Identity Engineer to lead the design, hardening, and transformation of enterprise identity platforms across Active Directory and Microsoft Entra ID.
This role requires deep technical expertise and architectural ownership, with a strong focus on Active Directory Tiering, privileged access controls, and identity security. You will play a key role in reducing risk, strengthening identity governance, and driving secure-by-design identity architecture in a complex enterprise environment.
Active Directory Tiering (Tier 0 / Tier 1 / Tier 2) is mandatory and non-negotiable!
LOCATION
Remote
EXPERIENCE
7 - 11 years
FUNCTIONAL AREA
Development
Key Responsibilities
- Own and drive Active Directory and Microsoft Entra ID architecture and engineering
- Design and enforce AD Tiering model (Tier 0/1/2) and privileged access segregation
- Implement and manage Privileged Identity Management (PIM), RBAC, and admin isolation
- Design and enforce Conditional Access, MFA, and Zero Trust identity controls
- Build and optimize hybrid identity architecture (AD + Entra ID / Azure AD Connect)
- Drive directory hardening, identity lifecycle governance, and access control improvements
- Lead access reviews, entitlement governance, and audit readiness
- Provide advanced troubleshooting for complex identity, authentication, and synchronization issues
- Define and maintain standards, policies, and secure operational procedures
- Act as L3 / SME escalation point for identity-related incidents and risks
- Collaborate with security, cloud, infrastructure, and risk teams in a regulated environment
Required Qualifications (Must Have)
- Extensive experience in Active Directory engineering within enterprise environments
- Proven, hands-on expertise in:
  - Active Directory Tiering model (Tier 0 / Tier 1 / Tier 2) – mandatory
  - Microsoft Entra ID (Azure AD)
  - Conditional Access (design & enforcement)
  - Privileged Identity Management (PIM)
  - Group Policy (GPO)
  - Hybrid identity (AD Connect / Entra ID sync)
- Strong experience with:
  - Access governance and access reviews
  - Identity security and privileged access controls
  - Advanced troubleshooting (AD, authentication, identity sync)
- Proven ability to operate as an expert engineer / SME / technical lead
Mandatory Microsoft Certifications
- Microsoft Certified: Identity and Access Administrator Associate (SC-300)
- Microsoft Certified: Windows Server Hybrid Administrator Associate (AZ-800 & AZ-801)
Preferred / Nice to Have
- Experience with PKI / Certificate Services
- Knowledge of Identity Protection and Zero Trust models
- Exposure to ISO 27001 / audit / compliance frameworks
- Microsoft Certified: Cybersecurity Architect Expert (SC-100)
Key Competencies
- Strong security-first mindset
- Deep understanding of privileged access risks and AD Tiering enforcement
- Ability to drive and influence identity architecture decisions
- Strong ownership and accountability in critical environments
- Excellent problem-solving and advanced troubleshooting skills
- Ability to collaborate across security, cloud, and infrastructure teams
Ideal Candidate
- A senior identity expert who owns Active Directory Tiering end-to-end, has strong command of Microsoft Entra ID, Conditional Access, and PIM, and can drive identity security maturity across hybrid environments.
