Azure Active Directory Consultant (Azure AD)
*candidates must hold an ACTIVE and transferable SC*
Start: 2nd June
Duration: initial 9-weeks
Pay: negotiable, inside IR35
Location: ad hoc travel (minimal, must be commutable to central London)
We're looking for a specialist engineer to lead a key identity and access management project for a client. You'll be responsible for designing and deploying a secure, best-practice solution to separate high-privilege user accounts across a hybrid On-Prem Active Directory (AD) and Microsoft Entra environment.
What you'll be doing
- Investigate the current hybrid AD/Entra setup and user provisioning process using Microsoft tools.
- Identify all existing privileged users and roles across On-Prem and cloud environments.
- Design and test a secure, compliant solution for privileged account separation in line with NCSC and Microsoft guidance.
- Conduct user group testing and ensure minimal disruption during rollout to 30-150 users.
- Support deployment, produce high-quality technical documentation, and create clear summary reports for client approval.
What you'll need
- Strong expertise in Active Directory (OU design, GPOs, Tier-0 models).
- Advanced knowledge of Azure AD / Microsoft Entra ID, including role and identity management.
- Hands-on experience with Azure AD Connect, including filtering, sync issues, and admin disentanglement.
- Familiarity with Privileged Identity Management (PIM), JIT access, and PAW deployment.
- Solid understanding of zero-trust security, least privilege, and change management principles.
- Experience writing technical documentation, test plans, and client-facing reports.
- Excellent communication and interpersonal skills, with the ability to manage multiple priorities and stakeholders.
JBRP1_UKTJ