IT - Consultant - Infrastructure Management | Enterprise Mobility Solution | MS Azure AD, MS Azure RMS, MS Intune

Cloudspace LLC

Pittsburgh, PA(remote)

JOB DETAILS
SKILLS
Application Programming Interface (API), Authentication, Automation, CCSP - Cisco Certified Security Professional, CISSP - Certified Information Systems Security Professional, Cloud Computing, Common Language Infrastructure (CLI), Configuration Management, Consulting, Continuous Deployment/Delivery, Continuous Integration, Design Patterns Programming Methodologies, Documentation, ISO (International Organization for Standardization), Identity Data Management, Information Technology Consulting, Microsoft Access Database, Microsoft Active Directory, Microsoft Product Family, Microsoft Windows Azure, Password Security, Protocol Independent Multicast (PIM), Relocation Services, SQL (Structured Query Language), Sarbanes-Oxley Act (SOX), Security Information and Event Management (SIEM), Smartcards, Software Design, Standard Operating Procedures (SOP), Taxonomies, U.S. National Institute of Standards and Technology (NIST), Windows PowerShell, Writing Skills
LOCATION
Pittsburgh, PA
POSTED
5 days ago
POC: Brenda

Job title: Consultant

Duration of the project: 9 Months

Work Location with Zip code: 15219 onsite from Day-1

Is this an 100% remote role? - No

Vendor Rate Range (min to max rate you can offer): $62.5 to $72.0

Do you have budget approved for this request? Yes

Minimum years of experience required: 8+

Would you require the candidates to meet you for in person interview? - YES

Is Skype/WebEx interview, OK? Yes , Video mode interview .

Please Confirm Must Have Skills (TOP 3 SKILLS)

Azure IAM - Microsoft Entra ID administration, including PIM, JIT elevation, and Conditional Access for privileged roles,RBAC
MFA, Microsoft Sentinel (SIEM), Identity Monitoring, Audit & Compliance, Azure Policy, Management Groups, Managed Identities, Azure AD-based admin configs, Azure Monitor, Log Analytics (KQL)
Secrets Management - Azure Key Vault , Microsoft Graph API, Azure CLI
Please provide a Detailed Job Description. (Word Document if any).

Required Skills/ Experience

Deep hands-on expertise with Microsoft Entra ID (Azure AD), Azure RBAC, security groups, PIM, and JIT workflows
Strong Azure Policy and resource configuration: enable managed identities, provision Azure AD admin roles (e.g., Azure SQL), minimize local service keys
Strong authenticator management and MFA for privileged roles (e.g., smartcards, FIDO2 security keys) with enforced session configuration norms
NIST SP 800-53 FedRAMP High controls expertise relevant to IAM
Experience in highly regulated environments (federal/financial services)
Azure-native monitoring/logging for identity/access events (e.g., Entra sign-in/audit logs, Azure Monitor), AAA alignment, and alert routing to service owners/security teams
Access governance and documentation: author/maintain IAM policies/standards/SOPs, conduct periodic access reviews, support audit evidence and control tests
Baseline configuration management and accurate asset/data inventories aligned to enterprise configuration practices
Secret hygiene: eliminate static credentials in code/images; enforce password and authenticator protection
Preferred Skills/ Experience

Experience aligning Azure IAM/RBAC with internal policies/standards and external frameworks (e.g., SOX, ISO, NIST)
Exposure to application identity design patterns, least-privilege for service principals, and CI/CD controls for secret management (e.g., Key Vault, pipeline secret scanning
Advanced authenticator management
Required Software/ Technology

Microsoft Entra ID administration, including PIM, JIT elevation, and Conditional Access for privileged roles
Azure RBAC across management group/subscription/resource scopes, custom role design, and enterprise role taxonomy
Azure governance with Azure Policy and Management Groups to enforce least privilege guardrails
MFA with strong authenticators (FIDO2 security keys, smartcards) and Microsoft Authenticator configuration
Managed Identities for Azure services and Azure Key Vault integration to eliminate local service keys
Monitoring and logging via Azure Monitor, Activity Logs, Diagnostic Settings, and Log Analytics (KQL)
Security operations integration with Microsoft Sentinel (SIEM) and Microsoft Defender for Cloud
Administration and automation using PowerShell (Az and Microsoft Graph), Azure CLI, and Microsoft Graph API
Inventory and configuration governance using Azure Resource Graph, tagging strategies, and naming conventions
Preferred Software/ Technology

PowerShell; Azure CLI
Experience with CI/CD and DevSecOps integrations
Required Education/ Certifications


Preferred Education/ Certifications

Microsoft SC-300 (Identity and Access Administrator)
Microsoft AZ-500 (Azure Security Engineer)
CISSP or CCSP (nice to have), Project Code :Project code for Hyderabad STP

About the Company

C

Cloudspace LLC