Cloud Engineer II - Identity, Entra & B2B Collaboration

When you join AIS, you're joining a mission-driven team that's passionate about making a difference. You'll work on projects that matter, alongside industry-leading experts, in an environment that fosters innovation, driving client success, and empowering our team to make a lasting impact. As an employee-owned company, we value collaboration, inclusivity, continuous growth, and shared success.

• Employee Ownership: Your contributions directly impact the company's success, and you share in its achievements.

• Continuous Learning: Access to resources, training, and mentorship to support your professional growth.

• Inclusive Culture: A workplace where diversity is celebrated, and everyone's voice is valued.

• Mission-Driven Work: Engage in projects that make a meaningful difference for our clients and communities.

At AIS, we're looking for more than just skills - we're looking for driven individuals who are passionate about making a difference, eager to grow, and aligned with our core principles.

• Core Knowledge & Skills: Manages routing/switching and network security, multiOS environments, virtualization (e.g., VMware/HyperV), core cloud services, and release of IaC via pipelines; automates common admin tasks.

• Work & Complexity: Plans and executes upgrades/migrations, configures network devices and services, responds to incidents, monitors performance, and manages resources.

• Quality & Independence: Implements proactive monitoring, produces accurate documentation, improves processes, and works independently within project scope.

• Teamwork & Communication: Partners with peer teams, shares knowledge, coordinates changes, reports progress, and supports/train users.

• Consulting & Engagement: Advises internal teams on solutions and tools, evaluates technologies, recommends optimizations, and coordinates vendor support.

AIS is seeking a mid-level Azure Engineer with strong experience in identity and access management (IAM), Microsoft Entra ID, and Azure B2B collaboration. This role will support the design, implementation, administration, and operational support of enterprise identity services across Azure and Microsoft 365 environments, with a focus on secure access, external collaboration, governance, and lifecycle management. This engineer will work closely with security, infrastructure, endpoint, and application teams to deliver secure, scalable identity services for both internal and external users.

• Administer and support Microsoft Entra ID identity services across Azure and Microsoft 365 environments.

• Configure and maintain Azure B2B / Entra External ID collaboration capabilities for guest users, partner access, and cross-tenant collaboration.

• Support identity and access management functions including User and group administration; Group-based access assignment; Role-based access control (RBAC); Administrative role delegation; Access reviews; and Entitlement management.

• Implement and support identity security controls including Multi-factor authentication (MFA); Conditional Access; Identity protection policies; Self-service password reset (SSPR); and Authentication methods management

• Support onboarding, access provisioning, lifecycle management, and offboarding processes for internal and external identities.

• Configure and troubleshoot guest access and collaboration settings across Microsoft 365 and Azure-integrated applications.

• Support governance of external identities, including invitation workflows, guest user restrictions, terms of use, and periodic access validation.

• Assist with design and implementation of least privilege and Zero Trust aligned access models.

• Support application access integration using enterprise applications, SSO, federation, and claims-based access where applicable.

• Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or related field, or equivalent practical experience.

• 3-6 years of infrastructure, cloud, or identity engineering experience.

• 2+ years of hands-on experience administering Microsoft Entra ID / Azure AD.

• Experience supporting IAM capabilities in Azure and Microsoft 365 environments.

• Hands-on experience with Microsoft Entra ID, Conditional Access, MFA, RBAC, Azure B2B / guest collaboration, and Enterprise applications / SSO.

• Experience supporting identity lifecycle management for users, groups, and external collaborators.

• Working knowledge of authentication and federation concepts such as SAML, OAuth, OpenID Connect, and claims-based access.

• Experience troubleshooting authentication, access, and policy-related issues.

• Familiarity with PowerShell for identity administration and reporting.

• Understanding of security principles including least privilege, access governance, and Zero Trust.

• Experience with Entra ID Governance, Access Reviews, Entitlement Management, Privileged Identity Management (PIM), Cross-tenant access settings, External Identities / Entra External ID.

• Familiarity with Hybrid identity and directory synchronization; Microsoft 365 collaboration governance; B2B access for SharePoint, Teams, and Azure-integrated applications; Application registration and service principals; and Identity logging and monitoring.

• Experience working in regulated environments such as government, defense, healthcare, or financial services.

• Knowledge of security and compliance frameworks such as Zero Trust, NIST, or CIS controls.

Applied Information Sciences does not discriminate on the basis of race, national origin, religion, color, gender, sexual orientation, age, disability, protected veteran status, or any other basis. Employment decisions are based solely on qualifications, merit, and business needs.