Job Description

Participate in the on-call rotation as a Designated Responsible Individual (DRI), providing dependable and timely operational support for identity services. Execute identity lifecycle operations such as access provisioning and deprovisioning, group and role management, and access governance activities. Troubleshoot and resolve identity-related incidents, including MFA and Conditional Access failures, SSO and token issues, service principal misconfigurations, device join problems, and directory synchronization errors. Monitor service health, identity logs, and alerts to proactively identify issues and maintain service reliability and security compliance. Investigate, triage, and mitigate production incidents with clear communication, accurate diagnosis, and timely resolution to minimize customer impact. Contribute to root-cause analysis and post-incident reviews, supporting follow-up actions to reduce repeat incidents. Develop and maintain scripts and basic automation to streamline identity operations, improve first-contact resolution, and reduce manual and repetitive work. Assist in building self-service and preventative solutions such as identity health checks and policy drift detection. Identify recurring operational issues and collaborate with engineering partners to implement automation-first improvements that reduce operational noise and incident volume. Work in scheduled shift and on-call rotations to provide continuous operational support for identity services. 6+ years of experience in security operations, IT operations, technical support, or engineering roles supporting production systems. Strong understanding of identity and access fundamentals, including authentication and authorization protocols (OAuth 2.0, OIDC, SAML, certificate-based authentication) and common token flows. Experience supporting directory synchronization and device identity, including Entra Connect or Cloud Sync, Azure AD joined, hybrid joined, and registered devices, and how device posture influences Conditional Access. Working knowledge of application identity, including app registrations, delegated and application permissions, consent flows, API scopes, and identifying common configuration issues. Ability to analyze identity logs and telemetry, such as sign-in, audit, token, and provisioning logs, using tools like the Azure portal, KQL, Graph Explorer, Azure Monitor, or IcM. Demonstrated troubleshooting and automation mindset, with experience scripting or building basic automation to reduce manual work, improve support quality, and collaborate effectively with engineering and security teams. Working knowledge of automation tools and source control, including Git/GitHub and CI/CD pipelines. Familiarity with monitoring and incident management tools such as Azure Monitor, Kusto, Grafana, and IcM. Strong interest in service reliability, operational discipline, and improving production support quality. Practical scripting experience using PowerShell and/or Python.

Skills Required