Job Summary

We are seeking an experienced Business Consultant Identity Architect to lead the design, implementation, and governance of enterprise Identity and Access Management solutions across on-premises, hybrid, and cloud environments. The ideal candidate will possess deep expertise in Microsoft Active Directory, Microsoft Entra ID (Azure Active Directory), and Microsoft Intune, with a strong background in identity architecture, authentication technologies, endpoint management, and enterprise transformation initiatives.

Key Responsibilities
• Serve as the primary technical expert for Microsoft Active Directory, Microsoft Entra ID (Azure Active Directory), and Microsoft Intune.
• Architect, implement, and oversee enterprise Identity and Access Management solutions across on-premises, hybrid, and cloud-based environments.
• Develop secure directory trust and domain collaboration models to support interaction across business units, partners, and external organizations.
• Lead identity and access integration efforts for enterprise transformation initiatives, including mergers, acquisitions, divestitures, consolidations, and organizational separations.
• Evaluate existing identity, directory, endpoint, and infrastructure environments to define future-state architecture and transition strategies.
• Design secure authentication, access control, federation, and Single Sign-On solutions across multiple platforms, applications, directories, and domains.
• Collaborate with Enterprise Architecture, Cybersecurity, Infrastructure, Endpoint Management, IAM, and Application teams to ensure alignment with enterprise standards and governance requirements.
• Provide technical leadership for endpoint management through Microsoft Intune, including device onboarding, configuration profiles, compliance policies, security controls, and device lifecycle management.
• Assess risks related to identity architecture, directory services, endpoint security, authentication flows, and infrastructure changes, and recommend mitigation strategies.
• Support directory migration, consolidation, coexistence, synchronization, and modernization initiatives.
• Create and maintain architecture documentation, design standards, governance materials, implementation guides, operational procedures, and runbooks.
• Ensure identity, authentication, directory, and endpoint management solutions comply with security policies, regulatory requirements, and enterprise architecture standards.

Required Qualifications
• 10+ years of experience in Identity and Access Management, infrastructure architecture, directory services, endpoint management, or related enterprise technology roles.
• Strong hands-on experience with Microsoft Active Directory, Microsoft Entra ID (Azure Active Directory), and Microsoft Intune.
• Proven experience designing and delivering enterprise identity solutions across hybrid, cloud, and multi-domain environments.
• Experience defining directory integration models, domain trust architectures, identity synchronization strategies, and coexistence approaches.
• Strong knowledge of authentication and authorization technologies, including SAML, OAuth 2.0, OpenID Connect, Kerberos, LDAP, federation, and Single Sign-On (SSO).
• Experience supporting identity integration initiatives related to mergers, acquisitions, divestitures, enterprise separations, or large-scale transformation programs.
• Solid understanding of endpoint management, device compliance, device security, lifecycle management, and policy enforcement.
• Ability to assess technical risks, identify security and architecture gaps, and implement effective mitigation strategies.
• Experience collaborating with cross-functional teams including security, infrastructure, architecture, application, endpoint, and business stakeholders.
• Strong communication, documentation, analytical, and problem-solving skills.