What success looks like in this role:
We are seeking an experienced Senior Azure Entra & Active Directory Engineer to manage and optimize enterprise identity and access management (IAM) solutions. This role requires deep expertise in Microsoft Entra ID (formerly Azure AD), Active Directory (AD), and related security technologies. The ideal candidate will design, implement, and maintain identity services that ensure high availability, security, and compliance for the organization's cloud and hybrid environments.
Key Responsibilities:
Design, implement, and maintain Microsoft Entra ID (Azure AD) and on-premises Active Directory infrastructure.
Develop and enforce security policies, ensuring compliance with industry standards and best practices.
Manage and optimize Identity and Access Management (IAM) solutions, including SSO (Single Sign-On), MFA (Multi-Factor Authentication), Conditional Access, and Privileged Identity Management (PIM).
Administer and troubleshoot AD Federation Services (ADFS), Azure AD Connect, Group Policy (GPO), and DNS.
Automate identity lifecycle management using PowerShell, Terraform, or other scripting languages.
Integrate identity solutions with Azure, Microsoft 365, and third-party SaaS applications.
Monitor and respond to security threats using Microsoft Defender, Azure Sentinel, and other security tools.
Perform regular AD health checks, performance tuning, and patch management.
Collaborate with security, cloud, and networking teams to improve IAM strategies.
Lead migrations, upgrades, and modernization efforts, including Active Directory domain consolidations and hybrid identity implementations.
Provide technical mentorship and training to junior engineers.
Document system designs, processes, and best practices.
#LI-BN1
You will be successful in this role if you have:
Bachelor's degree in Computer Science, Information Technology, or a related field (or equivalent experience).
8+ years of experience in Active Directory, Azure AD (Entra ID), and IAM technologies.
Strong expertise in Azure AD B2B/B2C, Conditional Access, and RBAC (Role-Based Access Control).
Hands-on experience with Windows Server, DNS, DHCP, and AD Group Policy.
Experience with PowerShell scripting and automation.
Knowledge of Zero Trust security models and modern authentication protocols (OAuth, SAML, OpenID Connect).
Experience with Azure AD Connect, ADFS, and Hybrid Identity.
Strong troubleshooting skills in identity federation, authentication, and authorization issues.
Familiarity with Privileged Access Management (PAM) solutions such as CyberArk, BeyondTrust, or Azure PIM.
Excellent communication and documentation skills.
Unisys is proud to be an equal opportunity employer that considers all qualified applicants without regard to age, blood type, caste, citizenship, color, disability, family medical history, family status, ethnicity, gender, gender expression, gender identity, genetic information, marital status, national origin, parental status, pregnancy, race, religion, sex, sexual orientation, transgender status, veteran status or any other category protected by law.
This commitment includes our efforts to provide for all those who seek to express interest in employment the opportunity to participate without barriers. If you are a US job seeker unable to review the job opportunities herein, or cannot otherwise complete your expression of interest, without additional assistance and would like to discuss a request for reasonable accommodation, please contact our Global Recruiting organization at GlobalRecruiting@unisys.com or alternatively Toll Free: 888-560-1782 (Prompt 4). US job seekers can find more information about Unisys’ EEO commitment here.