On behalf of our Client from the Caribbean region, Mobilunity is looking for an Entra Identity Engineer.
Our Client is the largest bank in the Caribbean region, serving 14 countries/territories. The aim is to transform this organization from a traditional bank into a new era of fintech, leveraging the cutting edge of current fintech offerings.
The Entra Identity Engineer implements, configures, and operates Microsoft Entra ID capabilities for workforce, privileged, application, and hybrid identity scenarios. This is a hands-on engineering role focused on secure, resilient identity operations and integration with cloud and on-prem systems.
Responsibilities:
* Implement and manage Microsoft Entra ID tenants, users, groups, roles, and directory settings
* Configure MFA, Conditional Access, Identity Protection, and RBAC policies with least-privilege and break-glass controls
* Integrate Entra ID with on-prem directories for hybrid identity (Azure AD Connect / Cloud Sync), including sync rules and writeback
* Secure service principals, managed identities, and app registrations (certificates/secrets governance, permissions consent, token lifetimes)
* Support identity components for cloud migrations and modern authentication (deprecate legacy auth, enable device compliance and SSO)
* Troubleshoot authentication, authorization, and token-related issues across apps, devices, and protocols
* Enable and support identity requirements for cloud platforms and applications (Azure, M365, SaaS, custom apps, APIs)
* Automate routine operations with PowerShell and/or GitHub Actions/Azure Automation (policy deployment, user lifecycle, access reviews)
* Implement monitoring, alerting, and incident response using Entra logs, sign-in risk, audit trails, and SIEM integrations
* Partner with security, compliance, and application teams to meet regulatory and audit requirements
Requirements:
* Microsoft Entra ID (Azure AD) administration and troubleshooting across tenants and enterprise-scale environments
* Conditional Access, MFA, Identity Protection policy design, testing, and safe rollout strategies
* Hybrid identity patterns and tooling (Azure AD Connect / Cloud Sync, Pass-through Authentication, Seamless SSO)
* OAuth2 / OIDC token handling and claims mapping; understanding scopes, consent, and grant types
* PowerShell & automation for identity operations (MSOnline/AzureAD/Microsoft Graph modules)
* Monitoring and log analysis for identity events (sign-ins, audit, risky users/sessions, service principals)
* Privileged Identity Management (PIM) configuration, approval workflows, just-in-time access, and access reviews
* Solid understanding of RBAC, directory roles, admin unit scoping, and least-privilege design
* Working knowledge of device-based access (Intune compliance, device registration/Join, FIDO2/Windows Hello for Business)
* Microsoft Certified: Identity and Access Administrator Associate
* Microsoft Entra ID security and governance training
* Azure security fundamentals (e.g., network basics, Key Vault, Defender for Cloud)
* PowerShell automation training and scripting best practices
* Basic OAuth/OIDC protocol training and token troubleshooting
Experience required:
* 4–7 years in identity or cloud engineering roles
* Hands-on experience with Entra ID in enterprise or regulated environments
* Experience supporting MFA rollouts and secure application access at scale
* Exposure to cloud migration or hybrid identity deployments
* Operational experience supporting identity platforms in production with on-call participation
Success Measures:
* Reduction in risky sign-ins and identity-related incidents
* On-time, low-friction rollout of Conditional Access and MFA policies
* Mean time to resolution (MTTR) for identity incidents consistently trending down
* Automation coverage for routine identity tasks and policy deployments
* Positive audit outcomes for identity controls and privileged access
In return, we offer:
* The friendliest community of like-minded IT people
* Open knowledge-sharing environment: exclusive access to a rich pool of colleagues willing to share their endless insights into the broadest variety of modern technologies
* Mobilunity Medical Insurance program designed to meet our team's needs
* Paid vacations and sick leave, including 5 paid days per year that don't require a sick note
* Perfect office location in the city center (900m from Lukyanivska metro station with a green and spacious neighborhood) or remote mode engagement: you can choose whichever is convenient for you, with the option to combine both
* No open-space setup: separate rooms for every team's comfort, and multiple lounge and gaming zones
* English classes in 1-to-1 & group modes with elements of gamification
* Never-ending fun: sports events, tournaments, music band, multiple affinity groups