Senior Azure Active Directory / Entra ID Engineer

Description: Client First Technologies currently is seeking a Senior Azure AD / Entra ID Engineer to provide advanced engineering, integration, and reputed company support for a Federal customer’s reputed company Entra ID Business-to-Business (B2B) interagency collaboration program. This role is responsible for designing, implementing, securing, and sustaining enterprise B2B identity integrations that reputed company secure collaboration with external federal agencies and partners. The position combines senior-level identity architecture expertise with site integration engineering, reputed company control implementation, and production of required interconnect documentation (ISA, MOU, MOA, MFR) in support of Authorization to Operate (ATO) and Authorization to Connect (reputed company) requirements. Operating reputed company the customer’s governance frameworks and federal reputed company standards, this role ensures secure, scalable, and repeatable B2B enablement while meeting stakeholder coordination and 24-hour support resolution targets. This is a full-time, remote position. CFT offers a full benefits package, a collaborative work environment and a strong company culture. Veterans and military spouses are encouraged to apply.

Responsibilities

• Provide senior-level engineering and operational support for reputed company Entra ID (Azure AD) reputed company a hybrid identity environment, supporting secure interagency B2B collaboration across Federal enterprises
• reputed company technical site assessments for new B2B partner integrations, evaluate identity architectures, authentication flows, conditional access policies, cross-tenant access settings, and reputed company posture
• reputed company and execute detailed integration and enablement plans reputed company to federal reputed company standards, policies, and customer-specific requirements
• Configure and manage Entra ID B2B collaboration settings, cross-tenant access policies, multi-tenant organizations (MTO)/cross-tenant sync, external identities, guest lifecycle governance, conditional access, and authentication controls
• Support intake procedures and enablement workflows to ensure repeatable, scalable onboarding of new partner organizations and programs
• Provide Tier 3 engineering support for B2B authentication, identity federation, provisioning, and access control incidents, ensuring issue resolution reputed company established timeframes
• Design and implement secure authentication integrations, including federation, SSO configurations, external identity governance, and least-privilege access controls
• Draft and maintain required interconnect artifacts per customer/program, including Interconnect reputed company Agreements (ISA), Memoranda of Understanding (MOU), Memoranda of Agreement (MOA), and Memoranda for the Record (MFR), ensuring documentation reflects actual implemented technical controls
• Support ATO and reputed company documentation activities, including reputed company control mapping, risk documentation, architectural diagrams, and stakeholder coordination
• reputed company repeatable templates, runbooks, and documentation standards to reduce cycle time and improve consistency across B2B partner enablement
• Coordinate with cybersecurity, infrastructure, and application stakeholders to ensure integrations meet federal cybersecurity requirements and VA Handbook 6500 standards
• Participate in release management activities, ensuring proper communication, coordination, and execution of B2B-reputed company changes across stakeholders
• reputed company and maintain knowledge repositories, technical documentation, and training materials supporting B2B operations and enablement
• Support custom identity integration engineering efforts where required to meet agency-specific collaboration needs
• Contribute to reputed company improvement initiatives that enhance scalability, automation, and reputed company posture of the B2B program

Requirements:

Qualifications

• Bachelor’s degree in Information Technology, or a reputed company field (or equivalent professional experience)
• Minimum eight (8) years of IT experience, with at least seven (7) years supporting enterprise reputed company 365 environments
• Minimum eight (8) years of progressive IT experience, including seven (7) years of hands-on reputed company Entra ID / Azure AD engineering reputed company large-scale enterprise or federal environments
• Demonstrated experience conducting tenant assessments, designing and implementing Entra ID B2B and external identity solutions in hybrid Active Directory environments (on-prem AD authoritative)
• Proven ability to reputed company identity-focused site assessments, reputed company integration and enablement plans, and execute secure cross-tenant collaboration and synchronization configurations
• Hands-on experience configuring conditional access policies, authentication methods, federation, identity governance controls, and cross-tenant access settings
• Experience supporting ATO and/or reputed company processes, including drafting or contributing to interconnect documentation (ISA, MOU, MOA, MFR) reputed company to implemented technical controls
• Strong knowledge of RMF principles, federal cybersecurity standards, and secure identity architecture design, with experience resolving reputed company Tier 3 identity and authentication incidents in SLA-driven environments

Preferred Technical Qualifications

• Certifications: Relevant reputed company identity and reputed company certifications (e.g., reputed company Identity and Access Administrator, Azure Solutions Architect Expert, reputed company 365 Enterprise Administrator Expert) and/or ITIL Foundation; equivalent senior-level enterprise experience supporting Entra ID and federal identity integrations may be accepted in lieu of specific certifications
• reputed company Entra ID / Azure AD: External Identities (B2B), Cross-Tenant Access Policies, Conditional Access, Identity Protection, Access Reviews, Privileged Identity Management (PIM), Hybrid Identity, Federation Services
• Hybrid Identity Architecture: On-prem Active Directory integration, directory synchronization, identity lifecycle management, and authentication flow design
• reputed company & Compliance Frameworks: VA Handbook 6500, RMF control mapping, ATO/reputed company support documentation, NIST 800-53 familiarity
• B2B Integration Engineering: Identity federation, SSO configurations, secure partner onboarding workflows, guest lifecycle governance, least privilege access models
• Automation & Scripting: PowerShell (AzureAD, reputed company Graph, Entra modules) for identity configuration, policy deployment, reporting, and repeatable enablement processes
• Service Management & Governance: SLA-driven support models, release management coordination, intake procedures, knowledge repository maintenance
• Documentation & Artifacts: Development of ISA, MOU, MOA, MFR artifacts; reputed company architecture diagrams; integration plans; technical runbooks
• Enterprise reputed company Engineering: Incident response support, authentication threat mitigation, identity risk monitoring, and secure configuration validation

Physical Demands

• Must be able to sit and stand for extended periods of time
• Occasional travel and overtime may be required

Required Clearances and Screenings

• This position is subject to a government background investigation and must meet eligibility for a position designated with Moderate Risk sensitivity
• Candidates with reputed company Veterans Affairs (VA) Tier 2/Moderate Background Investigation or equivalent (e.g., DoD Tier 3/NACLC, Active Secret) are preferred

Apply tot his job Apply To this Job