8+ Years of Technical IAM Domain experience with minimum 5 years of development experience in Microsoft Azure. 

Includes ability to delegate more routine tasks to other team members to support overall delivery, plus ability to work closely with the Business Analyst on process design. 

    Mandatory : 

•  
  • C#, MVC, Asp.Net, Rest API, Advanced PowerShell, Experience with CI/CD pipelines and secure development standards. 
  • Build automation as required 
  • Capability to implement Azure Automation account, Function app and Logics app. 
  • Good understanding and experience following test-driven development and continuous integration practices 
  • Analysis and Design – Transforms high-level design in to low-level design, and implementation 
  • Graph API basic knowledge and overview will be a bonus, experience with any similar management API could also be considered. 
  • Knowledge across Azure AD SSO on-boarding(SAML, OAuth/OIDC), B2B, MFA 
  • Familiarity with Azure Active Directory users and groups management - querying user attributes, comparing and managing group memberships via PowerShell. 
  • Basic knowledge of oAuth flow vs Basic/Legacy auth flow. 
  • App registration in Azure and permissions consent framework basics. 

Desirable: 

•  
  • Conditional Access,  
    • Knowledge of Conditional Access, Identity protection (User risk and sign in risk policies and investigation & remediation of risky users) 

• Threat Handling 
  •  
    • Identification 
      • Identify Attack Patterns 
      • Identify false positives 
    • Prevention 
      • Perform pro-active & reactive measures in response to Incidents/Threats 
    • Troubleshooting and reporting via Azure AD sign in logs required. Log analytics/Azure Monitor querying experience desirable. 
    • Participate in deep- dive discussions/workshops with Microsoft Product Groups 
      • Eg. Azure Identity Protection deep-dive and feedback session 
    • Testing 
      • Testing of new Microsoft features and private preview feedback when applicable 
        • One time passcode for B2B users 
        • SSPR/MFA Converged Registration Experience 
        • SSPR Reporting 

Looking forward to hearing from you.