Abra professional services is seeking an Identity & Access Management Tech Lead
to lead the Identity & Access Management (IAM) team, combining people management with a hands-on Senior/Expert-level role.
End-to-end responsibility for the architecture, design, and implementation of identity solutions in a hybrid environment, including Active Directory, PKI, Azure, and Microsoft Entra ID, with a strong focus on continuous improvement of security and availability.
Lead the authentication and authorization team responsible for Active Directory, PKI infrastructure, Azure / Microsoft Entra ID, and related organizational processes.
Own the planning, architecture, and High-Level & Low-Level Design of identity solutions, including SSO, Federation, and cloud/on-prem integrations.
Continuously enhance identity-related security, including AD hardening, Conditional Access, MFA, and Zero Trust implementations for users and services.
Requirements
* At least 5 years of experience managing and operating Active Directory and IAM solutions in medium to large enterprises, including 2–3 years in a Senior hands-on role – Mandatory.
* Proven experience of 2–3 years managing and implementing Microsoft Entra ID / Azure AD in a hybrid environment, including Conditional Access and MFA – Mandatory.
* At least 5 years of hands-on experience and deep expertise in Active Directory, with a strong understanding of Kerberos (tokens, tickets, KDC, SPN, delegation) and its integration with Windows, Linux, and third-party applications – Mandatory.
* Proven experience designing hybrid identity architectures (On-Prem AD + Entra ID), including identity synchronization, federation, and SSO for core applications, including ADFS – Advantage.
* Significant hands-on experience with enterprise PKI infrastructures, including CA management and certificates for servers, users, and devices – Advantage.
* Very high proficiency in PowerShell, including complex scripting and automation of identity-related processes – Advantage.
* Strong familiarity with basic Azure networking, VMs, hybrid connectivity, and Azure AD Connect / Cloud Sync – Advantage.
* Experience with Identity Protection, advanced Conditional Access, Privileged Access Management (PAM), and standards such as SAML, OAuth2, OIDC, FIDO2/WebAuthn – Advantage.