System Administrator III

Location: Must be local to Brentwood, TN or Denver, CO

The Tier 3 Microsoft Entra Administrator is a senior Identity & Access Management (IAM) professional responsible for securing, managing, and optimizing hybrid identity environments across Active Directory and Microsoft Entra ID. Serving as the highest escalation point for identity-related issues, this role leads advanced troubleshooting, root cause analysis, identity governance, and security initiatives aligned with Zero Trust principles.

This position focuses heavily on identity security, privileged access management, Conditional Access, MFA, Identity Protection, and identity governance. The administrator partners closely with Cybersecurity, Infrastructure, Compliance, and Operations teams to ensure secure, resilient, and audit-ready identity services. Responsibilities also include mentoring Tier 1–2 support teams, driving automation through PowerShell and Microsoft Graph, and improving operational efficiency through Service Now and identity lifecycle management tools such as NetIQ.

Key Responsibilities

• Serve as the Tier 3 escalation point for complex Entra ID, Active Directory, authentication, and hybrid identity issues.
• Lead resolution of critical identity outages, security incidents, and root cause analyses.
• Administer and secure Microsoft Entra ID, Active Directory, Entra Connect, and Cloud Sync environments.
• Design and manage Conditional Access, MFA, Identity Protection, Privileged Identity Management (PIM), and Zero Trust controls.
• Lead identity governance initiatives, including Access Reviews, Entitlement Management, and joiner-mover-leaver processes.
• Integrate and secure enterprise applications using SAML, OAuth, OpenID Connect, SCIM, and Entra SSO.
• Drive automation and operational improvements using PowerShell, Microsoft Graph, Azure Automation, and Logic Apps.
• Support audit, compliance, and regulatory requirements including SOX, SOC 2, ISO, and HIPAA.
• Mentor support teams and contribute to service excellence through Service Now, documentation, and process improvements.

Required:

• 5+ years of IAM experience, with 3+ years focused on Microsoft Entra ID in a hybrid environment.

• Deep expertise in:

• Microsoft Entra ID and Active Directory

• Conditional Access, MFA, and Zero Trust identity controls

• Privileged Identity Management (PIM)

• Hybrid identity troubleshooting (sync, authentication, federation)

• Hands-on experience with Service Now (ITSM, identity workflows).

• Experience working with NetIQ identity governance or directory tools.

• Strong PowerShell and automation skills.

• Proven ability to lead incident response and security-focused identity initiatives.

• Security-first mindset with strong Zero Trust principles

• Advanced troubleshooting and analytical skills

• Strong collaboration with Security, Compliance, and Infrastructure teams

• Clear technical documentation and communication

• Ability to lead initiatives independently and influence identity strategy

Preferred:

• Microsoft certifications (preferred):

• SC-300 – Identity and Access Administrator

• SC-200 / SC-100 – Security

• AZ-104, MS-102

• Experience with:

• Entra ID Protection and identity risk management

• Defender for Cloud Apps integration

• Phishing-resistant MFA rollouts (FIDO2 / WHfB)

• ITIL-based operational environments

• Experience supporting regulated or highly audited environments.

Discover some of the global benefits that empower our people to become the best version of themselves:

• Finance: Competitive salary package, share plan, company performance bonuses, value-based recognition awards, referral bonus;
• Career Development: Career coaching, global career opportunities, non-linear career paths, internal development programmes for management and technical leadership;
• Learning Opportunities: Complex projects, rotations, internal tech communities, training, certifications, coaching, online learning platforms subscriptions, pass-it-on sessions, workshops, conferences;
• Work-Life Balance: Hybrid work and flexible working hours, employee assistance programme;
• Health: Global internal wellbeing programme, access to wellbeing apps;
• Community: Global internal tech communities, hobby clubs and interest groups, inclusion and diversity programmes, events and celebrations.

Additional Employee Requirements:

• Participation in both internal meetings and external meetings via video calls, as necessary.
• Ability to go into corporate or client offices to work onsite, as necessary.
• Prolonged periods of remaining stationary at a desk and working on a computer, as necessary.
• Ability to bend, kneel, crouch, and reach overhead, as necessary.
• Hand-eye coordination necessary to operate computers and various pieces of office equipment, as necessary.
• Vision abilities including close vision, toleration of fluorescent lighting, and adjusting focus, as necessary.
• For positions that require business travel and/or event attendance, ability to lift 25 lbs, as necessary.
• For positions that require business travel and/or event attendance, a valid driver’s license and acceptable driving record are required, as driving is an essential job function.

If requested, reasonable accommodations will be made to enable employees requiring accommodations to perform the essential functions of their jobs, absent undue hardship.

USA Benefits (Full time roles only, does not apply to contractor positions)

• Robust healthcare and benefits including Medical, Dental, vision, Disability coverage, and various other benefit options
• Flexible Spending Accounts (Medical, Transit, and Dependent Care)
• Employer Paid Life Insurance and AD&D Coverages
• Health Savings account paired with our low-cost High Deductible Medical Plan
• 401(k) Safe Harbor Retirement plan with employer match with immediately vest

At Endava, we’re committed to creating an open, inclusive, and respectful environment where everyone feels safe, valued, and empowered to be their best. We welcome applications from people of all backgrounds, experiences, and perspectives—because we know that inclusive teams help us deliver smarter, more innovative solutions for our customers. Hiring decisions are based on merit, skills, qualifications, and potential. If you need adjustments or support during the recruitment process, please let us know.