Principal M365 & Active Directory Engineer

We are seeking a highly skilled **M365 & Active Directory Engineer** with expertise in managing and optimizing Microsoft 365 environments, including **Exchange Online, Azure Active Directory (Entra), Graph API, and Power Apps** . The ideal candidate will have strong proficiency in **Advanced PowerShell scripting** for automation and deep knowledge of Microsofts cloud and directory services. This role requires hands-on experience in managing and securing enterprise-level cloud solutions while ensuring efficient collaboration between various systems and applications.**In this role you will.**+ Manage, configure, and optimize **Microsoft 365 services** , including **Exchange Online, Teams, SharePoint, OneDrive** , and **Intune** .+ Monitor and troubleshoot issues with **Exchange Online** (mail flow, retention policies, security, compliance) and ensure uptime and availability.+ Administer and support **Azure Active Directory (AAD/Entra)** , including users, groups, conditional access, and hybrid identity integration with on-premises Active Directory.+ Implement and enforce **Multi-Factor Authentication (MFA)** and security best practices across user accounts and devices.+ Develop and manage integrations using the **Microsoft Graph API** for automation and custom applications, enabling advanced capabilities across Microsoft 365 services.+ Create custom scripts to automate administrative tasks and data retrieval from the Graph API, enhancing operational efficiency.+ Write and maintain **Advanced PowerShell scripts** to automate user and resource provisioning, reporting, and service configurations across **Exchange Online, Active Directory, and M365**+ Develop PowerShell-based automation for identity management, compliance reporting, and bulk modifications.+ Manage and troubleshoot all aspects of **Exchange Online** , including mailboxes, transport rules, hybrid configurations, and retention policies.+ Administer email security, spam filtering (ATP), and ensure compliance with data retention policies.+ Maintain and optimize **on-premises Active Directory (AD)** infrastructure, including DNS, GPOs, and domain controllers.+ Ensure synchronization between **AD and Azure AD** using **Azure AD Connect** for hybrid identity solutions.+ Develop, manage, and maintain **Power Apps** to streamline internal processes, build user-friendly interfaces for data retrieval, and automate workflows.+ Collaborate with business units to understand requirements and translate them into **Power Apps solutions** or **Power Automate**+ Implement and maintain security best practices, including **Conditional Access policies** , encryption, and data loss prevention (DLP) in Microsoft 365.+ Support security and compliance audits by providing detailed reporting on identity access management, mail flow, and data access.**Youve got what it takes if you have:**+ **Extensive experience in managing Microsoft 365 services** , with a focus on **Exchange Online** and **Azure Active Directory** .+ **Advanced in PowerShell scripting** for automating M365, Exchange, and AD management tasks.+ **Experience with Microsoft Graph API** for data retrieval and automation across M365.+ Expertise in managing **Azure AD/Entra** , including **Conditional Access, MFA** , and security best practices.+ Strong understanding of **Active Directory** , including **hybrid environments** and **Azure AD Connect** .+ Experience with **Power Apps** development and **Power Automate** for building workflows and process automation.+ Strong problem-solving and troubleshooting skills, with the ability to identify root causes and develop scalable solutions.+ **Preferred Qualifications:**+ **Microsoft certifications** : **MCSA, MCSE, MS-500 (Microsoft 365 Security Administration)** or **AZ-104 (Azure Administrator)** .+ Skilled with **JSON, REST API integrations** .+ Experience with security tools such as **Microsoft Defender** for O365 and **Data Loss Prevention (DLP)** , Crowdstrike, Forcepoint, etcEqual Employment Opportunity has been, and will continue to be, a fundamental commitment at Cornerstone OnDemand. All qualified applicants are given consideration regardless of race, color, gender, age, sexual orientation, national origin, marital status, citizenship status, disability, veteran status, or any other protected class as provided in applicable Federal, State, or Local fair employment laws. If you have a disability or special need that requires accommodation, please contact us at careers@csod.com