Entra ID / Azure PIM Architect

At KeyData Cyber, our vision is to be the North American leader in designing and delivering digital identity security strategies and solutions to protect our clients in their digital transformation initiatives.

KeyData Cyber is a Gartner-recognized leader in professional identity security services, specializing in:

• Identity Governance & Administration (IGA)
• Privileged Access Management (PAM)
• Customer Identity & Access Management (CIAM)
• Cloud Security Posture Management (CSPM)
• Identity Threat Detection & Response (ITDR)
  
  

Come join us, you’re key to our success!

Title: Entra PIM / Entra ID Architect

Location: India

Work Type: Full Time, Permanent

Key Responsibilities

Microsoft Entra ID Architecture & Administration:

• Lead the design, implementation, and administration of Microsoft Entra ID with a focus on Security policies, Identity and Access management, privileged access management.
• Architect and oversee Entra PIM (Privileged Identity Management) for Just-In-Time (JIT) role elevation, role-based access controls (RBAC), and access reviews.
• Establish and enforce Conditional Access policies, ensuring adaptive security based on risk factors such as user behavior, device health, and location.
• Manage and optimize authentication strategies, including Passwordless authentication, FIDO2 security keys, Temporary Access Pass (TAP), and risk-based MFA enforcement.
  
  

Application Identity & Security

• Architect and implement secure authentication & authorization frameworks for applications using SAML, WS-FED, OAuth 2.0, and OpenID Connect (OIDC).
• Govern Service Principals & Enterprise Applications, ensuring least privilege access and Just-In-Time (JIT) elevation via Entra PIM.
• Secure application credentials, API keys, and cryptographic keys using Azure Key Vault.
• Define and enforce access policies for Key Vault using Conditional Access & Privileged Identity Management (PIM).
• Implement session control policies in Microsoft Defender for Cloud Apps for continuous monitoring of user activity.
  
  

Monitoring, Automation & Continuous Improvement

• Implement automated identity workflows using Microsoft Graph API, PowerShell, Azure Logic Apps, and Azure Functions.
• Monitor Microsoft Defender for Identity & Defender for Cloud Apps, ensuring threat detection, anomaly detection, and risk-based security enforcement.
• Analyze sign-in logs, audit logs, and identity risk events to enhance security and optimize Conditional Access and Identity Protection policies.
• Continuously evaluate new Entra ID capabilities, ensuring alignment with industry best practices and security benchmarks.
  
  

Qualifications

• Bachelor’s/master’s degree in computer science, Information Security, or related field.
• 7+ years of hands-on experience in Entra ID, PIM, IAM and Privileged Access Management (PAM).
• Expert knowledge of Entra ID, Entra PIM, Conditional Access, and authentication protocols (OAuth, SAML, WS-FED, OpenID Connect).
• Hands-on experience with SCIM-based provisioning, hybrid identity synchronization (PHS, PTA, ADFS), B2B/B2C identity management, and Entra ID Cross-Tenant Sync.
• Strong background in PowerShell, Graph API scripting for identity automation.
• Experience working with identity security frameworks, compliance requirements, and Zero Trust security models.
• Strong troubleshooting and analytical skills with experience in Entra ID audit logging, Defender for Identity, and security analytics tools.
  
  

Certifications (Preferred)

• Microsoft Certified: Cybersecurity Architect Expert or Entra ID solution architecture.
• AZ-500 (Azure Security Engineer)
  
  

Why KeyData Cyber?

A Place Putting People First – Our team is our strongest asset. We have smart, hard-working, and talented team members. We support learning and development at all levels and encourage work-life balance as part of our key values.

A Place to Accelerate Your Career – We have the most digital identity solution deployments in Canada and we are in hyper-growth mode across North America. There are extensive opportunities to learn, develop, and advance in different areas of the business.

A Place to Share Your Perspective – We create a culture of respect, belonging, and empowerment for everyone by promoting fair treatment and full participation for all.

If you require accommodation due to a disability at any time during the recruitment and/or assessment process, please contact  Talent Acquisition  and we will make all reasonable efforts to accommodate your request.

Apply now to join the KeyData Cyber team!

KeyData Cyber is a Gartner-recognized leader in professional identity security services, specializing in Identity Governance & Administration (IGA), Privileged Access Management (PAM), Customer Identity & Access Management (CIAM), Cloud Security Posture Management (CSPM), and Identity Threat Detection & Response (ITDR).