All roles

Open role

Senior Azure Active Directory / Entra ID Engineer

Remote · Poland Full-time

Description: Client First Technologies currently is seeking a Senior Azure AD / Entra ID Engineer to provide advanced engineering, integration, and security support for a Federal customer’s Microsoft Entra ID Business-to-Business (B2B) interagency collaboration program. This role is responsible for designing, implementing, securing, and sustaining enterprise B2B identity integrations that enable secure collaboration with external federal agencies and partners. The position combines senior-level identity architecture expertise with site integration engineering, security control implementation, and production of required interconnect documentation (ISA, MOU, MOA, MFR) in support of Authorization to Operate (ATO) and Authorization to Connect (ATC) requirements. Operating within the customer’s governance frameworks and federal security standards, this role ensures secure, scalable, and repeatable B2B enablement while meeting stakeholder coordination and 24-hour support resolution targets. This is a full-time, remote position. CFT offers a full benefits package, a collaborative work environment and a strong company culture. Veterans and military spouses are encouraged to apply.

Responsibilities

  • Provide senior-level engineering and operational support for Microsoft Entra ID (Azure AD) within a hybrid identity environment, supporting secure interagency B2B collaboration across Federal enterprises
  • Lead technical site assessments for new B2B partner integrations, evaluate identity architectures, authentication flows, conditional access policies, cross-tenant access settings, and security posture
  • Develop and execute detailed integration and enablement plans aligned to federal security standards, policies, and customer-specific requirements
  • Configure and manage Entra ID B2B collaboration settings, cross-tenant access policies, multi-tenant organizations (MTO)/cross-tenant sync, external identities, guest lifecycle governance, conditional access, and authentication controls
  • Support intake procedures and enablement workflows to ensure repeatable, scalable onboarding of new partner organizations and programs
  • Provide Tier 3 engineering support for B2B authentication, identity federation, provisioning, and access control incidents, ensuring issue resolution within established timeframes
  • Design and implement secure authentication integrations, including federation, SSO configurations, external identity governance, and least-privilege access controls
  • Draft and maintain required interconnect artifacts per customer/program, including Interconnect Security Agreements (ISA), Memoranda of Understanding (MOU), Memoranda of Agreement (MOA), and Memoranda for the Record (MFR), ensuring documentation reflects actual implemented technical controls
  • Support ATO and ATC documentation activities, including security control mapping, risk documentation, architectural diagrams, and stakeholder coordination
  • Develop repeatable templates, runbooks, and documentation standards to reduce cycle time and improve consistency across B2B partner enablement
  • Coordinate with cybersecurity, infrastructure, and application stakeholders to ensure integrations meet federal cybersecurity requirements and VA Handbook 6500 standards
  • Participate in release management activities, ensuring proper communication, coordination, and execution of B2B-related changes across stakeholders
  • Develop and maintain knowledge repositories, technical documentation, and training materials supporting B2B operations and enablement
  • Support custom identity integration engineering efforts where required to meet agency-specific collaboration needs
  • Contribute to continuous improvement initiatives that enhance scalability, automation, and security posture of the B2B program

Requirements:

Qualifications

  • Bachelor’s degree in Information Technology, or a related field (or equivalent professional experience)
  • Minimum eight (8) years of IT experience, with at least seven (7) years supporting enterprise Microsoft 365 environments
  • Minimum eight (8) years of progressive IT experience, including seven (7) years of hands-on Microsoft Entra ID / Azure AD engineering within large-scale enterprise or federal environments
  • Demonstrated experience conducting tenant assessments, designing and implementing Entra ID B2B and external identity solutions in hybrid Active Directory environments (on-prem AD authoritative)
  • Proven ability to lead identity-focused site assessments, develop integration and enablement plans, and execute secure cross-tenant collaboration and synchronization configurations
  • Hands-on experience configuring conditional access policies, authentication methods, federation, identity governance controls, and cross-tenant access settings
  • Experience supporting ATO and/or ATC processes, including drafting or contributing to interconnect documentation (ISA, MOU, MOA, MFR) aligned to implemented technical controls
  • Strong knowledge of RMF principles, federal cybersecurity standards, and secure identity architecture design, with experience resolving complex Tier 3 identity and authentication incidents in SLA-driven environments

Preferred Technical Qualifications

  • Certifications: Relevant Microsoft identity and security certifications (e.g., Microsoft Identity and Access Administrator, Azure Solutions Architect Expert, Microsoft 365 Enterprise Administrator Expert) and/or ITIL Foundation; equivalent senior-level enterprise experience supporting Entra ID and federal identity integrations may be accepted in lieu of specific certifications
  • Microsoft Entra ID / Azure AD: External Identities (B2B), Cross-Tenant Access Policies, Conditional Access, Identity Protection, Access Reviews, Privileged Identity Management (PIM), Hybrid Identity, Federation Services
  • Hybrid Identity Architecture: On-prem Active Directory integration, directory synchronization, identity lifecycle management, and authentication flow design
  • Security & Compliance Frameworks: VA Handbook 6500, RMF control mapping, ATO/ATC support documentation, NIST 800-53 familiarity
  • B2B Integration Engineering: Identity federation, SSO configurations, secure partner onboarding workflows, guest lifecycle governance, least privilege access models
  • Automation & Scripting: PowerShell (AzureAD, Microsoft Graph, Entra modules) for identity configuration, policy deployment, reporting, and repeatable enablement processes
  • Service Management & Governance: SLA-driven support models, release management coordination, intake procedures, knowledge repository maintenance
  • Documentation & Artifacts: Development of ISA, MOU, MOA, MFR artifacts; security architecture diagrams; integration plans; technical runbooks
  • Enterprise Security Engineering: Incident response support, authentication threat mitigation, identity risk monitoring, and secure configuration validation

Physical Demands

  • Must be able to sit and stand for extended periods of time
  • Occasional travel and overtime may be required

Required Clearances and Screenings

  • This position is subject to a government background investigation and must meet eligibility for a position designated with Moderate Risk sensitivity
  • Candidates with current Veterans Affairs (VA) Tier 2/Moderate Background Investigation or equivalent (e.g., DoD Tier 3/NACLC, Active Secret) are preferred

More open positions

Azure Engineer, Associate

Work from home Full-time role

Data Engineer (GCP) - Remote PT

Work from home Full-time role

[Remote] GCP Cloud Engineer/Architect

Work from home Full-time role

Senior Google Cloud Platform Engineer

Work from home Full-time role

Google Cloud Platform (GCP) Systems Engineer - Tier II

Work from home Full-time role

Freelance Consultant – Public Sector & Economic Advisory (Malaysia)

Work from home Full-time role

Regional Clinical Research Associate (REMOTE)

Work from home Full-time role

Entry-Level Data Entry Specialist – High‑Volume Retail Data Management – $29/hr – Join careerzynith’s Global Operations Team

Work from home Full-time role

Experienced Full Stack Customer Service Representative – High Paying Remote Work Opportunities

Work from home Full-time role

Tech Lead, Web Core Product & Chrome Extension - Dallas, TX, USA

Work from home Full-time role

Advertising Account Executive

Work from home Full-time role

REMOTE SALES EXECUTIVE – FASHION CONVENTION BOOTH SALES (Base + Commission)

Work from home Full-time role

[Remote] VP, Advanced Concepts and Training - Life Insurance & Related Products

Work from home Full-time role

Staff Product Manager, Infrastructure & AI Dev Tools (Seattle, WA / PST Preferred)

Work from home Full-time role

Lead Software/ DevOps Engineer - Remote (EST/CST)

Work from home Full-time role

Key Account Manager

Work from home Full-time role

Marketing Manager (m/w/d) - Campaign Strategy

Work from home Full-time role

Freelance Storyboard and Animatic Artist

Work from home Full-time role

Part-Time Faculty, Undergrad &/or Graduate Data Analytics, GuidedPath &/or FlexPath

Work from home Full-time role

AI/ML Specialist Solutions Architect

Work from home Full-time role

Mortgage Closing Specialist

Work from home Full-time role