Job VC
Entra Identity Engineer
Description
On behalf of our Client from the Caribbean region, Mobilunity is looking for an Entra Identity Engineer.
Our Client is the largest bank in the Caribbean region that serves 14 countries/territories. The aim is to transform this organization from a traditional bank into a new era of fintech, leveraging the cutting-edge of current fintech offerings.
The Entra Identity Engineer implements, configures, and operates Microsoft Entra ID capabilities for workforce, privileged, application, and hybrid identity scenarios. This is a hands-on engineering role focused on secure, resilient identity operations and integration with cloud and on-prem systems.
Responsibilities:
Implement and manage Microsoft Entra ID tenants, users, groups, roles, and directory settings
Configure MFA, Conditional Access, Identity Protection, and RBAC policies with least-privilege and break-glass controls
Integrate Entra ID with on-prem directories for hybrid identity (Azure AD Connect / Cloud Sync), including sync rules and writeback
Secure service principals, managed identities, and app registrations (certificates/secrets governance, permissions consent, token lifetimes)
Support identity components for cloud migrations and modern authentication (deprecate legacy auth, enable device compliance and SSO)
Troubleshoot authentication, authorization, and token-related issues across apps, devices, and protocols
Enable and support identity requirements for cloud platforms and applications (Azure, M365, SaaS, custom apps, APIs)
Automate routine operations with PowerShell and/or GitHub Actions/Azure Automation (policy deployment, user lifecycle, access reviews)
Implement monitoring, alerting, and incident response using Entra logs, sign-in risk, audit trails, and SIEM integrations
Partner with security, compliance, and application teams to meet regulatory and audit requirements.
Requirements:
Microsoft Entra ID (Azure AD) administration and troubleshooting across tenants and enterprise-scale environments
Conditional Access, MFA, Identity Protection policy design, testing, and safe rollout strategies
Hybrid identity patterns and tooling (Azure AD Connect / Cloud Sync, Pass-through Authentication, Seamless SSO)
OAuth2 / OIDC token handling and claims mapping; understanding scopes, consent, and grant types
PowerShell & automation for identity operations (MSOnline/AzureAD/Microsoft Graph modules)
Monitoring and log analysis for identity events (sign-ins, audit, risky users/sessions, service principals)
Privileged Identity Management (PIM) configuration, approval workflows, just-in-time access, and access reviews
Solid understanding of RBAC, directory roles, admin unit scoping, and least-privilege design
Working knowledge of device-based access (Intune compliance, device registration/Join, FIDO2/Windows Hello for Business)
Microsoft Certified: Identity and Access Administrator Associate
Microsoft Entra ID security and governance training
Azure security fundamentals (e.g., network basics, Key Vault, Defender for Cloud)
PowerShell automation training and scripting best practices
Basic OAuth/OIDC protocol training and token troubleshooting
Experience required:
4–7 years in identity or cloud engineering roles
Hands-on experience with Entra ID in enterprise or regulated environments
Experience supporting MFA rollouts and secure application access at scale
Exposure to cloud migration or hybrid identity deployments
Operational experience supporting identity platforms in production with on-call participation
Success Measure:
Reduction in risky sign-ins and identity-related incidents
On-time, low-friction rollout of Conditional Access and MFA policies
Mean time to resolution (MTTR) for identity incidents consistently trending down
Automation coverage for routine identity tasks and policy deployments
Positive audit outcomes for identity controls and privileged access
In return, we offer:
The friendliest community of like-minded IT people
Open knowledge-sharing environment – exclusive access to a rich pool of colleagues willing to share their endless insights into the broadest variety of modern technologies
Mobilunity Medical Insurance program is designed to meet our team’s needs
Paid vacations and sick leave, including 5 paid days per year that don’t require a sick note
Perfect office location in the city center (900 m from Lukyanivska metro station, in a green and spacious neighborhood) or remote engagement: choose whichever is more convenient for you, with the option to combine both
No open-space setup – separate rooms for every team’s comfort, and multiple lounge and gaming zones
English classes in 1-to-1 & group modes with elements of gamification
Neverending fun: sports events, tournaments, music band, multiple affinity groups
Come on board, and let’s grow together!