HiringCafe
Posted 1w ago

Senior Azure Engineer (Entra ID)

@ Avanade
View All Jobs
Jakarta, Jakarta, Indonesia
OnsiteFull Time
Responsibilities:design Entra ID, manage identities, configure security
Requirements Summary:Senior Azure Entra ID engineer with 10+ years customer-facing experience; expertise in RBAC, MFA, SSPR, Entra ID governance, and hybrid identity.
Technical Tools Mentioned:Microsoft Entra ID (Azure AD), Microsoft Graph API, OAuth, SAML, OIDC, Kerberos, FIDO2, Azure AD Join, Entra ID Connect, Entra Cloud Sync, Conditional Access, MFA, PIM, Privileged Identity Management
Save
Mark Applied
Hide Job
Report & Hide
Job Description

Summary

Our fast, client-focused, dynamic environment wants your consulting management skills and desire to make a difference. Use Avanade’s tech, innovation and leadership to make a genuine human impact. Enjoy seeing an impact on clients, too, as you solve interesting challenges in a way that’s flexible to your approach to work—and life. Chart your own career path with us.

As a Customer Engineer, you will collaborate directly with customer teams to provide expert advisory services across a range of technologies. By leveraging structured intellectual property (MIP) engagements, you will establish trusted advisor relationships and guide customers towards achieving a healthy and secure state. Together we do what matters.

Key responsibilities

  • Design, implement, and manage Microsoft Entra ID solutions to support secure identity and access management across cloud and hybrid environments.
  • Define and enforce Role-Based Access Control (RBAC) to ensure least-privilege access and compliance with organizational security policies.
  • Manage Entra ID identities, including:
    • User accounts
    • Service principals
    • Group management (security and Microsoft 365 groups)
  • Configure and administer Entra ID Enterprise Applications, including app registrations, permissions, consent, and lifecycle management.
  • Design, implement, and troubleshoot authentication models, including:
    • Cloud authentication (Password Hash Sync / Pass-Through Authentication)
    • Federated authentication
    • Modern authentication protocols such as OAuth, SAML, OpenID Connect (OIDC), and Kerberos
    • Passwordless authentication using FIDO2 and Passkeys
  • Implement and manage device identity and access scenarios, including Hybrid Azure AD Join and Azure AD Join (AADJ).
  • Plan, deploy, and operate account synchronization solutions, including:
    • Microsoft Entra ID Connect
    • Entra Cloud Sync
  • Configure and maintain Entra ID P1 and P2 security features, including:
    • Conditional Access policies
    • Multi-Factor Authentication (MFA)
    • Risk‑based access controls
    • Security reporting and operational troubleshooting
  • Implement and support Self-Service Password Reset (SSPR) and Entra Password Protection, including:
    • Password policy configuration
    • Integration with on‑premises Active Directory
  • Deliver Entra ID Governance capabilities, including:
    • Privileged Identity Management (PIM)
    • Periodic and self-service access reviews
    • Identity-related compliance and audit support
  • Monitor, investigate, and remediate identity risks using Entra ID Protection.
  • Leverage Microsoft Graph API fundamentals to support identity automation, reporting, and integration scenarios.
  • Collaborate with security, infrastructure, and application teams to ensure secure identity architectures and seamless integration across platforms.

.

Skills and experiences

  • Bachelor’s Degree (or higher) in Information Technology, or a related field or equivalent experience.
  • Experience in conducting technical workshops, training sessions, and webinars to educate customers on the best practices and new features of Microsoft
  • 10+ years experience with customer-facing roles in
  • Strong experience with Microsoft Entra ID (Azure AD), including RBAC, user, group, and application management.
  • Solid understanding of authentication and identity models, including SSO, MFA, Conditional Access, OAuth, SAML, and passwordless authentication.
  • Hands-on experience with hybrid identity setups, including Entra ID Connect, Cloud Sync, and device join (Hybrid AADJ / AADJ).
  • Knowledge of Entra ID P1/P2 security and governance features, such as Conditional Access, PIM, access reviews, and identity protection.
  • Experience securing and managing enterprise applications integrated with Entra ID.
  • Ability to troubleshoot identity, access, and authentication issues in cloud and hybrid environments.
  • Familiarity with identity automation and management tools, including basic Microsoft Graph API usage.

Nice to Have

  • Experience with ADFS, AD CS, or legacy identity systems
  • Exposure to Azure security tools (Microsoft Sentinel, Azure Monitor, Defender)
  • Relevant Microsoft or security certifications (e.g., Identity & Access Admin, CISSP)

Relevant Certifications

  • Microsoft Certified: Identity and Access Administrator Associate or equivalent
  • Microsoft Certified: Cybersecurity Architect Expert or equivalent
  • Microsoft Certified Trainer or equivalent
  • Certified Information Systems Security Practitioner (CISSP) or equivalent

.