The Senior Azure Architect Identity & Endpoint Engineer leads the design, implementation, and governance of enterprise identity and endpoint services in Microsoft Azure. This role ensures secure, compliant, and scalable access management across cloud and hybrid infrastructures, serving as the technical expert in identity, authentication, and device management.
Responsibilities
- Design, deploy, and maintain enterprise-scale identity architectures in Microsoft Azure to support secure authentication, authorization, and access control across cloud and hybrid environments.
- Act as the technical lead for identity and access management (IAM) solutions, including Microsoft Entra ID (Azure AD), ADFS, and hybrid identity integrations.
- Architect and manage endpoint management systems using Microsoft Endpoint Configuration Manager (MECM/SCCM) and Microsoft Intune.
- Establish and enforce enterprise-wide standards, policies, and configurations for identity and endpoint services to ensure security, consistency, and scalability.
- Design and implement identity federation, single sign-on (SSO), conditional access policies, and authentication workflows across enterprise applications.
- Integrate identity and endpoint solutions with Azure-hosted services and on-premises infrastructure for seamless operations.
- Collaborate with cybersecurity and information assurance teams to implement identity- and endpoint-related security controls.
- Support compliance audits by providing technical documentation, control mappings, and architectural guidance.
- Lead resolution of complex issues involving authentication failures, access denials, and device compliance across identity and endpoint systems.
- Assess and recommend enhancements to identity and endpoint architectures, balancing security, usability, and operational efficiency.
- Provide technical guidance to engineers on identity integration patterns and endpoint management best practices.
- Maintain up-to-date architecture diagrams, technical standards, and documentation for all identity and endpoint services.
- Manage the lifecycle of identity and endpoint platforms, including upgrades, migrations, and modernization initiatives.
- Participate in strategic planning and technical reviews to align identity and endpoint services with enterprise architecture goals and mission requirements.
Requirements
- Minimum of four years of professional experience with a strong focus on identity and endpoint engineering.
- Bachelor’s degree in Information Technology, Cybersecurity, or a related field; or an equivalent combination of education, training, and relevant experience.
- Demonstrated experience in managing identity services within Microsoft Azure environments.
- Hold Microsoft Certified: Azure Administrator Associate certification or higher.
- Must satisfy DoD 8570 / 8140 IAT-II certification requirements, such as Security+, SSCP, or GSEC.
- Hands-on experience with Microsoft Entra ID (Azure AD).
- Experience designing and managing ADFS and hybrid identity solutions.
- Proficiency with Microsoft Endpoint Configuration Manager (MECM/SCCM).
- Experience managing endpoint devices using Microsoft Intune.
- Active Secret security clearance is required.
Tech Stack
Microsoft Azure, Microsoft Entra ID (Azure AD), ADFS, Hybrid Identity, Microsoft Endpoint Configuration Manager (MECM/SCCM), Microsoft Intune, Conditional Access, Single Sign-On (SSO), Identity Federation, On-premises infrastructure integration
Additional Information
- This position is contingent upon contract award.
- Active Secret clearance is required to perform this role.
- Applicants must meet DoD 8570 / 8140 IAT-II certification requirements.
- The employer complies with 41 CFR 60-1.4(a), 60-300.5(a), and 60-741.5(a).
- These regulations prohibit discrimination based on race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status, and compensation-related inquiries, consistent with federal law.
- The company participates in the E-Verify program.