IT Architect - Entra ID (Microsoft Azure Active Directory) Architect

The Division of Technology Services (DTS) is looking for an Entra ID (Microsoft Azure Active Directory) IT Architect to join our great team at DTS. As the Architect, you will be responsible for designing, implementing, and managing identity and access management solutions using the Entra ID platform and Microsoft Active Directory, as well as supporting the deployment and management of identity and access management solutions across the enterprise. The chosen candidate will work closely with stakeholders, Information Technology (IT) operations, and security teams to understand business requirements and translate them into scalable and secure identity solutions. Your role involves defining architecture standards, implementing best practices, and ensuring compliance with security and regulatory requirements.This position is currently a hybrid of both in-office (2 days a week required) and telework days. The office is located at the Taylorsville State Office Building - Utah Department of Government Operations, Division of Technology Services (DTS); 4315 South 2700 West, Taylorsville, UT 84129. Please note, a position's eligibility for telework is established by agency management and is subject to change at their discretion at any time and for any reason.Why join our team?We have great business partners who want to serve Utah citizens efficiently and effectively, while working within the guidance of their federal and state partners. This is an opportunity to make a difference for Utah citizens while being a pivotal part of an exciting IT team. You will receive great health and retirement benefits, such as generous paid time off so you can spend more time with your family and have a positive work-life balance. We also offer an onsite gym, exercise time, education reimbursement, and discounted bus passes as well as other great benefits.The Agency:To learn more about The Division of Technology Services check us out. The State's environment is a highly optimized blend of systems responsible for collecting, processing, and distributing millions of data elements every day.Key Responsibilities:Solution Design and Architecture:Collaborate with stakeholders, Information Technology (IT) operations, and security teams to gather requirements and design scalable, secure, and high-performance identity solutions using Microsoft Entra ID and Active Directory.Define architecture standards, reference architectures, and design patterns for identity and access management in alignment with Entra ID platform requirements and industry best practices.Conduct architecture reviews, assess technical feasibility, and recommend solutions that meet business needs while adhering to security, compliance, and performance requirements.Entra ID Implementation and Integration:Lead the implementation and configuration of Azure Active Directory services, including user provisioning, authentication, single sign-on (SSO), and multi-factor authentication (MFA).Integrate Entra ID and Active Directory platform components and third-party applications to enable seamless user access and authentication experiences.Configure Entra ID Connect for directory synchronization and identity federation with on-premises Active Directory environments, if applicable.Identity Governance and Security:Define and implement identity governance policies, role-based access control (RBAC) models, and entitlement management workflows to ensure least privilege access and compliance.Implement security controls and monitoring mechanisms to protect Azure AD resources, including conditional access policies, identity protection, and privileged identity management (PIM).Conduct security assessments, vulnerability scans, and audits to identify and remediate security risks and compliance gaps related to Azure AD configurations.Identity Lifecycle Management:Define and automate identity lifecycle management processes, including user provisioning, deprovisioning, and account lifecycle policies, to streamline administrative tasks and improve operational efficiency.Implement self-service capabilities for users, such as password reset, group management, and profile updates, to reduce helpdesk requests and enhance user experience.Monitor identity-related events and metrics, such as user activity logs, sign-in logs, and authentication failures, to detect and respond to security incidents and anomalous behavior.Collaboration and Knowledge Sharing:Collaborate with cross-functional teams, including developers, system administrators, and security analysts, to ensure seamless integration of identity solutions with Entra ID platform components.Provide guidance, training, and mentorship to team members and stakeholders on Entra ID best practices, capabilities, and features.Stay informed about Entra ID updates, new features, and industry trends, and share knowledge with the team to drive continuous improvement and innovation.Minimum Qualifications:Proven experience (5+ years) in architecting, implementing, and managing identity and access management solutions using Microsoft Azure Active Directory.Expertise in Microsoft Azure services, including Entra ID, Entra ID Connect, Entra ID B2B/B2C, Azure Multi-Factor Authentication, and Azure Identity Protection.Strong understanding of identity standards and protocols, such as OAuth, OpenID Connect, SAML, LDAP, and Kerberos.Experience with identity governance frameworks, RBAC models, and security best practices for cloud-based identity solutions.Excellent communication and collaboration skills, with the ability to work effectively with stakeholders at all levels of the organization.Industry certifications such as Microsoft Certified: Azure Solutions Architect Expert, Microsoft Certified: Identity and Access Administrator Associate, or equivalent certifications in cloud security and identity management are preferred.Knowledge and experience with other Identity Provider (IdP) solutions (Ping, Forgerock, Okta).Employment is contingent on passing a drug screening and a background check. Risks found in the typical office setting, which is adequately lighted, heated, and ventilated, include safe use of office equipment, avoiding trips and falls, observing fire regulations, etc. Typically, the employee may sit comfortably to perform the work; however, there may be some walking, standing, bending, carrying light items, and driving an automobile. Special physical demands are not required to perform the work.

#J-18808-Ljbffr