Job Description :
Diageo Business Services
ROLE PROFILE
Job Title:
Specialist - Identity & Access Management (MS ENTRA / AAD)
Level:
L5C
Reports To:
Tanweer Alam - Senior Manager - Identity and Access Management Solutions and Transformation
Department:
D&T - Identity and Access Management
Context/Scope:
Diageo Digital & Technology (D&T) is a multi-functional global shared services function built to drive effectiveness and efficiency across our core operations and achieve our efficiency goals. We fuel growth for our markets through a focus on new capabilities, consistent, common, and available analytics, and data, and equipping our markets and functions through integrated solutions.
Want more jobs like this?
Get Management jobs in Bangalore, India delivered to your inbox every week.
As a "Azure Active Directory/MS Entra IAM Specialist", you will collaborate with technology peers, business, and Vendor partners to assess, design, build, implement and maintenance of all layers of IDAM applications, including Authorization/Authentication, Identity Registry Management, Identity Governance, Privileged Account Management
The IAM Specialist would need to have in-depth knowledge of identity management, authentication and authorization frameworks, and the ability to offer guidance on their integration into existing applications.
Specialist should have minimum 06 to 08 years of total experience in handling IAM technologies like - Azure Active Directory / Microsoft ENTRA & Onprem Active Directory along with 2+ years with L3 exposure support.
Dimensions:
Financial
Technical Experience
- Solid understanding of enterprise directory services Microsoft Entra / Azure Active Directory and On-prem Active Directory.
- Experience with core Azure Active Directory/ MS ENTRA capabilities
- Single sign-on (protocol as such as SAML, OAuth, and WS-Fed)
- Reverse proxy / Microsoft Entra application proxy
- Multifactor authentication
- Azure role-based access control (Azure RBAC)
- Security monitoring, alerts, & machine learning-based reports
- Consumer identity and access management-CIAM
- Device registration
- Privileged identity management- PIM
- Identity protection
- Hybrid identity management/Azure AD connect.
- Microsoft Entra access reviews
- Conditional Access Policy
- IDP Federation
- Experience with Azure Active Directory using the Graph API.
- Good understanding on DNS, DHCP & DFS
- Strong problem-solving and analytical skills, with the ability to translate business requirements into technical specifications and execute technical deliveries effectively.
- Experience with scripting, including PowerShell & KQL query.
- Ideally, you'd also have Familiarity with additional IAM technologies and tools, beyond Azure Active Directory, such as CyberArk & Saviynt.
Accountabilities
- Ensure Microsoft Entra Identity Solution and Onprem Active Directory services are managed.
- Ensuring configuration of Enterprise Applications, App registrations and Graph API permissions.
- Ensure to deployment and managing of Windows Hello 4 Business
- Ensuring Azure AD SSO using Modern auth protocols-SAML, OAUTH, OIDC. Manage Azure AD permissions along with App registration.
- Ensuring Azure AD Connect Tool, Configuring Synchronization Rules, Troubleshoot Synchronization Issues are managed.
- Ensuring Identity Governance, Conditional Access policies, Identity protection are configured as per requirement.
- Ensuring Hybrid Domain Join policies are managed.
- Azure PIM deployment and management.
- Ensuring Configuration of "Azure AD B2B & B2C" are managed.
- Lifecyle management of cloud objects (like - Group & Account).
- Develop, define, and maintain standards and supporting documentation while adhering to best practices.
- Evaluate existing systems, processes, and vendors, identifying any design gaps or risks.
- Work both independently and collaboratively with other IT teams, vendors, technology leaders, as well as end-users when necessary
- Monitoring enablement of IAM systems for security incidents and respond to any potential breaches or threats.
- Strong understanding of architecting and configuring Microsoft Windows OS technology including AD Forests, Domains, Trusts, DNS, DHCP, Group Policy and Organizational Units.
- Design, implement and manage of Active Directory Group Policy, Active Directory Replication, Backup, FSMO Role, Active Directory Federated Services and password/identity management systems.
- Follow and apply configuration and security standards and policies within a defined Change Management process.
Qualifications and Experience Required
- Bachelor's degree in computer science, Engineering or a related technical discipline, or the equivalent combination of education, technical training, or work experience.
- 06 to 08 years of directly related experience supporting Identity Access Management operations and engineering with increasing responsibility.
- Certifications: SC-300: Microsoft Identity and Access Administrator
- ITIL Knowledge's.
Barriers to Success in Role
- Lack of Good communication & articulation skills - verbal & written
- Inability to collaborate well in a team and across organization spread across time zones.
- Lack of self-motivated and a diligent approach/attitude to passionately drive the initiative in a result-oriented manner.
Worker Type :
Regular
Primary Location:
Bangalore Karle Town SEZ
Additional Locations :
Job Posting Start Date :
2024-04-16