
Track Lead - Thycotic Privilege Manager, Azure Active Directory
About the role
Job Summary
The Azure AD L3 Engineer is responsible for advanced administration, engineering, and troubleshooting of Microsoft Entra ID (Azure AD) in a hybrid identity environment. The role focuses on identity lifecycle management, authentication mechanisms, security controls, and integration with enterprise applications, while acting as the final escalation point for complex incidents and architectural changes.
Key Responsibilities
🔹 L3 Operations & Escalations
Act as Level 3 escalation point for complex Azure AD / Entra ID issues
Perform Root Cause Analysis (RCA) for identity, authentication, and SSO failures
Resolve issues related to:
  MFA failures
  Conditional Access policies
  Token/authentication issues
  Azure AD Connect sync failures
Coordinate with Microsoft support for critical issues

Design and manage:
  Users, Groups, Roles, and RBAC
  Privileged Identity Management (PIM)
  Identity Governance (Access Reviews, Entitlement Mgmt)
Implement and manage:
  Single Sign-On (SSO)
  OAuth / SAML integrations
  Azure AD App registrations

🔹 Hybrid Identity Management
Manage and troubleshoot:
  Azure AD Connect (sync, staging, failover)
  Password Hash Sync, PTA, Federation (ADFS)
Ensure consistency between:
  On-prem Active Directory & Azure AD
Support domain migrations and identity transformations

🔹 Security & Compliance
Implement identity security controls:
  Conditional Access policies
  Multi-Factor Authentication (MFA)
  Identity Protection (risk-based policies)
Manage:
  Privileged Access
  Service accounts and PAM solutions
Ensure compliance with standards (ISO, NIST, GDPR-aligned practices referenced in enterprise use cases)

🔹 Directory & Configuration Management
Manage:
  Tenants, domains, custom attributes
  Azure AD Application Proxy
Maintain:
  Identity lifecycle automation processes
Monitor:
  Directory health
  Sign-in logs and audit logs

🔹 Monitoring & Automation
Use tools:
  Azure Monitor, Log Analytics
  Azure AD logs for proactive monitoring
Develop automation using:
  PowerShell
  Microsoft Graph API

🔹 Engineering & Continuous Improvement
Design:
  Identity architecture for new applications
  SSO integrations and security baselines
Optimize:
  Authentication flows and performance
Implement:
  Zero Trust principles for identity
Skill Requirements
Strong expertise in:
  Microsoft Entra ID (Azure AD)
  Azure AD Connect / Hybrid Identity
Deep understanding of:
  Authentication protocols (SAML, OAuth, OpenID Connect, Kerberos)
Experience in:
  Conditional Access, MFA, Identity Protection
  RBAC and Privileged Access
  PowerShell scripting / automation
  Microsoft Graph API
  Azure Portal & CLI
  Directory synchronization & federation
Other Requirements
6–10+ years in Identity & Access Management
3–5+ years specifically in Azure AD / Entra ID
Experience in large enterprise environments
Required skills
Azure AD
Entra ID
PIM
SSO
OAuth
SAML
Conditional Access
MFA
About HCL Technologies
Gautam Buddha Nagar
Headquarters