Apply on Employer Site

EY · 3 days ago

GPS - IAM Engineer - Supervising Associate

Dallas, TX

Full-time

Hybrid

Mid, Senior Level

$91K/yr - $170K/yr

5+ years exp

EY is a globally connected powerhouse of diverse teams dedicated to building a better working world. The IAM Engineer - Supervising Associate will be responsible for supporting various applications in cloud platform services, ensuring stability for application platforms, and driving technology standards across IT Services.

AccountingAdviceBusiness IntelligenceConsultingFinancial ServicesProfessional Services

Growth Opportunities

No H1B

Security Clearance Required

Responsibilities

Maintaining ongoing knowledge and support of Azure infrastructure and aligned applications such as:

Azure Cloud hosted services, Bastion, Keyvault, Recovery Services Vault, Storage accounts

Azure Role Based Access Control (RBAC)

Power Automate, App Service Plan, Function Apps, Application Insights

Azure networking; Vnets, network security groups (NSG), private and public endpoints, Azure Private DNS

Microsoft Entra Domain Services (MEDS)

Access reviews, reporting and Audit compliance

Deploying MEDS on Azure VM’s and install replica Domain Controllers or Forests in an Azure virtual network

Maintain ongoing knowledge and support of servers and networks aligned to the Active Directory environments including but not limited to:

Single Sign-On (SSO) configuration and remediation

Native Microsoft tools including but not limited to ADSI, ADUC, DNS, Domains and Trusts

DISA STIG remediation with Group Policy Objects (GPO)

Public Key Infrastructure (PKI)

Creating and configuring Microsoft Entra Domain Services (IAAS & PAAS) for authenticating applications in Azure Cloud

Entra services management including application proxy, Licensing, Azure PIM

Application Registrations; OAuth/OpenID, API Permissions, Client ID/Secrets, JWT Tokens/Claims, JSON, App Roles

API Gateways, Enterprise Databases, SSO and Access Management systems, identity federation protocols (SAML), OIDC, OAuth2 and LDAP/LDAPS

Enterprise Applications; SAML, SCIM Provisioning

Managing data stored in Entra ID via Graph and Powershell

Multi Factor Authentication (MFA) such as Entra ID MFA integration into the authentication, authorization, and single sign-on process for applications and systems

Account, Group, and entitlement management with SailPoint Identity Security Cloud (ISC) or IdentityIQ (IIQ)

Integrating SailPoint ISC or IIQ and other Identity Infrastructure with Entra ID

Design and configuration of Entra Conditional Access using Zero Trust principles

Entra ID external collaboration; B2B, Entra External ID

The role may also require the periodic allocation of additional time on the job to support multiple demands and escalating issues or to accommodate teams or staff in other time zones

Qualification

Azure Cloud servicesIdentityAccess ManagementActive Directory managementCloud infrastructure securitySailPoint Identity Security CloudMicrosoft EntraPowerShell scriptingAPI integrationProblem-solving skillsOrganizational skillsInterpersonal skillsCommunication skillsTeamwork

Required

Bachelor's degree in Computer Science or a related discipline, or equivalent work experience required

5-8+ years of cloud infrastructure

3 or more years of hands on experience in designing and implementing Cloud services like Azure AD, Entra ID, Azure MFA, Entra Conditional Access, Azure B2B and Azure PIM

Demonstrated deep expertise in cloud infrastructure

Experience with writing custom, scripting tools (Python, PowerShell, etc.), interacting with API's and shell scripting

Excellent interpersonal, communication and presentation skills

Strong English language skills are required – written and verbal

Good judgment, tact, and decision-making ability

Ability to work in a diverse, multi-cultural, environment

Ability to obtain and maintain Top secret security clearance