What are the responsibilities and job description for the Senior Identity and Messaging Engineer position at SEKO Logistics?
Job Description
KEY ACCOUNTABILITIES INCLUDE:
- Design, implement, and maintain IAM solutions, including on-premises Active Directory, Azure AD/Entra ID, and hybrid identity environments
- Manage and optimize multiple Azure AD Connect environments for seamless synchronization between on-premises AD and Azure AD/Entra ID
- Implement and maintain identity federation solutions for single sign-on (SSO) across applications and services, including Azure AD Application Proxy and ADFS
- Configure and manage Conditional Access policies and Multi-Factor Authentication in Azure AD/Entra ID
- Develop and enforce IAM policies, workflows, and procedures to ensure secure and efficient access management across on-premises and cloud environments
- Manage user lifecycle, including onboarding, offboarding, and role changes, ensuring adherence to security policies and compliance requirements
- Conduct periodic access reviews and audits to maintain compliance
- Create processes for automatic disablement of accounts when certain criteria are met
- Design, manage, and maintain Office 365 environment(s) with on-premises Exchange and Microsoft 365 components
- Implement and support email security measures to protect the organization's email domains and ensure secure external mail flow
- Work to create API-based integration automation solutions for onboarding, audits, and other service management functions
- Provide 3rd level technical support for Email Services components and custom tools
- Author and maintain operations, security controls, and technology lifecycle related documentation
- Collaborate with cross-functional teams to align IAM and messaging solutions with business goals and security requirements
- Stay current with industry best practices, regulations, and compliance standards related to IAM and messaging systems
- Respond to incidents, investigate security breaches, and perform root cause analysis for both IAM and messaging-related issues
- Generate reports and metrics related to IAM and messaging activities and security posture
- Utilize PowerShell and other scripting languages for automation and management tasks across on-premises and cloud environments
- Maintain current, meticulous documentation on all infrastructure components, shared among all team members and with peer teams as required
- Troubleshooting and setting up AzureAD/EntraID SCIM with SaaS applications
- Thorough knowledge of Entra Connect Sync and Entra Cloud Sync to support it hands-on
- Good understanding of Azure AD B2C and Entra External ID setup and management to support it hands-on.
- Participate in the development of a safe and healthy workplace. Comply with instructions given for their own safety and health and that of others, in adhering to safe work procedures. Co-operate with management in its fulfilment of its legislative obligations.
- Other duties as assigned by management.
- Provided hands-on DNS/SPF/DMARC/DKIM changes/support/implementation previously for larger multi-domain companies.
- Must have advanced, prior “hands-on” experience with O365, AzureAD/EntraID, On-Prem Active Directory domains (multiple) and demonstrated expertise by successful implementation of projects with minimal disruption to the business, users, and customers.
- Must be able to take an identity and messaging (Teams/Email/SharePoint/O365) lead role on projects which will be related to various aspects of infrastructure. It is critical this individual can communicate solutions and issues around the solutions to his/her peers in the business, infrastructure, application, and database areas.
- Ability to support escalations from IT Service Desk and act as 3rd tier resource to resolve issues. Must be comfortable contacting a user directly to find out exactly what the problem might be.
- Monitor mail flow, create/execute on checklists to validate email flows
- Hands-on creation of PowerShell scripts to manage messaging/AD environments
- Job has on-call responsibilities.
- Works on project-based initiatives and provides written and verbal status updates to business users/stakeholders.
- Assist with patching process on servers in environment.
Minimum
- Bachelor's degree in Computer Science, Information Security, or related field (or equivalent work experience)
- 10 years of experience in IAM and Enterprise Messaging systems
- Strong knowledge of on-premises Active Directory, Azure AD/Entra ID, and hybrid identity concepts and technologies
- Expertise in Enterprise Email systems (e.g., Exchange on-premises, Exchange Online, Microsoft 365)
- Proficiency in PowerShell and other scripting languages for automation and management tasks
- Experience with Azure AD Connect, Conditional Access, and Microsoft Graph APIs
- Familiarity with authentication protocols (e.g., SAML, OAuth, OpenID Connect)
- Current industry certifications from Microsoft or Identity certifications
- Experience in a larger IT environment preferred with over 3000 users and multiple domains and O365 tenants
- Security experience a plus especially with email security platforms and identity security platforms
- Experience with cloud platforms (e.g., Azure, AWS) and their IAM components
- Strong problem-solving and analytical skills
- Excellent communication and documentation abilities