Security Engineer

Job Description:

Microsoft Entra (Entra ID, Permissions Management, ID Governance)

• Identity & Access Management (IAM) concepts (SSO, MFA, conditional access, RBAC).
• Entra ID administration (user/group management, app registration, service principals).
• Federation & integration (SAML, OAuth 2.0, OpenID Connect).
• Identity Governance (access reviews, entitlement management, lifecycle workflows).
• Permissions Management (cloud entitlements across Azure, GCP).
• Troubleshooting authentication & authorization issues.

Microsoft Azure

• Azure AD / Entra integration with Azure resources.
• Azure RBAC & security best practices.
• Azure Policy & compliance management.
• Azure Monitor, Log Analytics, Sentinel (security monitoring).
• Familiarity with ARM templates/Bicep for infrastructure automation.

Microsoft Active Directory (AD)

• AD domain services administration (user, group, OU, GPO).
• Domain & forest trust management.
• DNS integration with AD.
• AD replication & troubleshooting (dcdiag, repadmin).
• Security hardening (admin tiering, delegation).
• AD backup & recovery procedures.

Microsoft Active Directory Certificate Services (AD CS)

• PKI concepts (public/private keys, X.509 certificates, CRL, OCSP).
• Installing & configuring AD CS (root CA, subordinate CA).
• Certificate templates, enrollment policies, and auto-enrollment.
• Managing CRLs & OCSP responders.
• Securing CA infrastructure & key material.
• Certificate lifecycle management & renewal automation.

Certificate Lifecycle Management (CLM)

• Managing certificate inventories & expiration alerts.
• Automated issuance & renewal (SCEP, ACME protocols).
• Integrating PKI with endpoint, server, and network devices.
• Governance & compliance for certificate usage.
• Transitioning cryptographic algorithms (e.g., SHA-1 → SHA-256, RSA → ECC).

Microsoft PKI

• Deep understanding of PKI trust chains.
• Secure design of enterprise PKI.
• Policy & practice statement creation.
• Hardware Security Module (HSM) integration.
• Root & subordinate CA separation & protection.

Microsoft Network Policy Server (NPS)

• RADIUS server configuration.
• Integration with AD for authentication.
• NPS policies for wired/wireless 802.1X authentication.
• NPS & MFA integration.
• Troubleshooting RADIUS authentication issues (logs, Event Viewer).

Google Cloud Console Management

• GCP IAM (roles, service accounts, policies).
• Project, folder, and organization-level resource management.
• Integration with external identity providers (Entra ID, SAML).
• Monitoring & logging with Google Cloud Operations Suite.
• Security best practices in GCP (org policy, security command center).

Requirements:

• Bachelor’s degree in IT, Engineering, or related field.
• Experience: 8 Years - 12 Years.