Identity Access Management & Azure Active Directory

About the job
About Brillio:

Brillio is one of the fastest growing digital technology service providers and a partner of choice for many Fortune 1000 companies seeking to turn disruption into a competitive advantage through innovative digital adoption. Brillio, renowned for its world-class professionals, referred to as "Brillians", distinguishes itself through their capacity to seamlessly integrate cutting-edge digital and design thinking skills with an unwavering dedication to client satisfaction.

Brillio takes pride in its status as an employer of choice, consistently attracting the most exceptional and talented individuals due to its unwavering emphasis on contemporary, groundbreaking technologies, and exclusive digital projects. Brillio's relentless commitment to providing an exceptional experience to its Brillians and nurturing their full potential consistently garners them the Great Place to Work® certification year after year.

Enterprise Computing Tower Lead

Primary Skills

Azure AD

Job requirements

Job Description:
8+ years of experience in Active Directory, Azure Active Directory areas 
Strong technical skills to implement IAM Security services with hands on experience on several of the items outlined below: - Managing identity and access on-premise with Active Directory 
Managing identity and access in the Microsoft Cloud – Azure Active Directory 
Secure Hybrid environments (AD Connect and authentication) 
Azure AD Self-service password reset, Azure AD access reviews 
Azure AD App Registration 
Azure AD Directory roles 
Authentication Methods (sign-on security, multi-factor authentication (MFA), device sign-on methods, Azure Seamless SSO, ADFS, ADFS Proxy, PHS and PTA) 
Azure AD Conditional Access (Compliance and conditional access policies, device compliance policy, conditional access policy) 
Role-based access control (RBAC) 
Azure AD Privileged Identity Management (PIM) 
Azure AD Identity Protection (User risk policy and sign-in risk policy) 
Azure ATP (Plan and implementation threat protection 
Review Architecture overview of new scenarios and make appropriate decisions for integrations 
Advanced knowledge designing, supporting, and upgrading Active Directory environments (Authentication, Authorization, Group Policy Objects, LDAP, PKI, DNS, ADFS, MIM/PAM, LAPS, etc.) 
Knowledge of Red Forest (Enhanced Security Administrative Environment) Identity Lifecycle Management 
Knowledge of SAML, OpenID Connect, OAuth, JSON, SPML, SCIM, XACML integration standards. 
Understanding of REST and SOA fundamentals and design 
Azure Automation/Runbooks, O365 topics 
Should be able to provide support in Architecture and operational tasks in and around Azure AD and security related topics like Application permissions, IAM, RBAC, User account management, O365, SAAS etc Additionally should have experience in operational support as such established/ integration into helpdesk & support/updating & maintaining documentation 
Connect infrastructure and management agent’s configuration 
Troubleshoot and providing solutions for issues related to AADC server config, user/application Authentication or authorization and resolving daily operational incidents 
Monitor and Handle tickets (incident/request), Major Incidents effectively and should be open to On Call support during off work hours when needed. 
Provide effective Coordination and end to end Support to customers in building their applications and integrations 
Periodically perform internal assessment to ensure compliance with controls 
Required additional skills: 
Azure CLI and Azure PowerShell, advanced scripting skills in PowerShell and the ability to read code and automate daily activities. 
Scripting Skills with MSFT Graph – Optional, Advantage to have 
Experience in using Github for version control and technical documentation 
Understanding on integrating of SaaS application or cross-functional applications between disparate business units and systems 
Basic knowledge in networking and Azure Security groups 
Experience in Azure Automation 
Create and maintain Technical and process Documentation 
Must have very good interpersonal skills such as team player, clear and transparent communication skills, Constructive feedback, decision making, responsibility, etc. 
Support in registering all type of applications and their configuration in Azure AD. (SAML, App proxy, API management, manifest changes, RBAC, CA, etc.,) 
Manage provisioning of user accounts and security groups from On-prem 
Review application configuration, permissions, access control and usages in way to keep the environment secure and risk free 
Build PowerShell scripts time to time or as on when needed 
Preferred Certification: 
Microsoft Azure Cloud certified 
SC-300: Microsoft Identity and Access Administrator 
Azure related certification