Microsoft Entra ID Architect

Hi,

Job Role: Microsoft Entra ID Architect

Location: Multiple Locations in USA

Job Description:

Scope of work shall be to develop an identity governance solution using Microsoft Entra Governance features provided by tenant such that the following state is achieved:
* User identities are tracked throughout their employment lifecycle states.
* Basic access to applications is automated such that users have day-one access to the network and core applications required for their work.
* Application account creation/modification/disablement is automated where possible via directory integration, SCIM, API, SQL Stored Procedure, or ServiceNow Ticket.
* Requests for access are granted via an approval flow.
* All user accounts are linked to an employee or contractor.
* All application access is reviewed on a periodic (semiannual) basis.
* Reports are available for audit and research purposes. For example:
I
* Access Review Results, User accounts by application ,User roles and access
Objectives
* Migration of current IGA capabilities from IdentityNow to equivalent/comparable functionality provided by Entra Governance or other solutions (scripting, etc)
* Maintaining current integrations with Active Directory/Entra
* Leveraging new capabilities afforded by Entra Governance and other (Identity Access) Entra Suite features
1.1: Create Entra (primary)/On-prem AD (sync'd)/Exchange user accounts when new employee or contractor record is created in an authoritative source.
1.2: Role-Based Access (RBAC): Basic access is granted based on HR attributes.
1.3: Access may be granted by request (group-enabled - Example: department group/app group).
1.4: When user is on "Sensitive PTO" Lifecyde State, disable Entra and On-prem AD accounts.
1.5: Upon user termination, deprovisioning of access, accounts (Entra, Active Directory, and application), and active sessions.