Azure Active Directory Engineer

Position: Entra ID/Active Directory Engineer

Location: St N, St Paul, MN - Hybrid (1-2 Days on-site/Week)

Duration: 12 Months with possible extension

Narrative Description of Position:

Identity Management & Administration:

• Design, implement, and manage hybrid Active Directory (AD) environments and Azure Active Directory

(Entra ID)

• Integrate systems and applications with centralized authentication solutions

• Administer identity federation services such as Single Sign On (SSO) and Multifactor Authentication

(MFA)

• Manage directory synchronization tools like Azure AD Connect or Okta

Security & Compliance:

• Implement security measures to protect AD/Entra ID environments against vulnerabilities

• Ensure compliance with CJIS, PCI, HIPAA, and other relevant regulatory frameworks

• Conduct regular disaster recovery exercises for AD/Entra ID environments

• Develop and enforce security baselines and policies for identity services

Operational Excellence:

• Monitor system performance, capacity planning, and resolve high-severity incidents

• Automate processes using PowerShell scripting or other tools to enhance efficiency

• Conduct regular health checks of identity platforms to ensure operational stability

• Maintain detailed technical documentation and Standard Operating Procedures (SOPs)

Collaboration & Leadership:

• Provide technical leadership to cross-functional teams

• Mentor junior engineers and operational teams on best practices

• Participate in architectural discussions to design scalable, secure solutions

• Collaborate with stakeholders to align identity services with business needs

What education and experience are required for this job (minimum qualifications)

Any of the following combinations of education (in Computer Science, Systems Security, or similar) and relevant

Experience:

• Bachelor's degree and 5 years of experience

• Associate's degree and 7 years of experience

• High school diploma or GED and 9 years of experience

Experience should include Active Directory/Entra ID engineering and experience managing environments

containing sensitive data (CJIS, PCI, HIPAA, etc.).

Knowledge, Skills, and Abilities:

• Advanced knowledge of Active Directory (on-premises) and Azure Active Directory/Entra ID

• Expertise in authentication protocols such as LDAP, Kerberos, SAML, OIDC

• Proficiency in PowerShell scripting for automation tasks

• Experience with disaster recovery planning for directory services

• Familiarity with Group Policy Objects (GPO), AD replication, backup/restoration processes

• Strong understanding of identity security best practices

• Experience implementing privileged access management (PAM) solutions

• Familiarity with regulatory frameworks like CJIS, PCI DSS, HIPAA

• Strong problem-solving abilities under pressure

• Excellent communication skills for collaboration across teams

• High attention to detail with a proactive approach to identifying risk