Senior Cloud & Identity Administrator

About The Position

Requirements

• 5+ years administering Microsoft 365 in a production environment
• Strong hands-on Azure and Entra ID administration experience
• Experience implementing Conditional Access and MFA at scale
• Experience designing and enforcing RBAC models
• Experience integrating SaaS applications using SAML or OIDC
• Experience with Intune endpoint management (Windows and macOS)
• Strong PowerShell scripting capability
• Experience improving loosely governed or under-documented environments
• Strong documentation and process discipline
• Ability to work independently while collaborating effectively with peers

Nice To Haves

• Microsoft certifications such as AZ-104, SC-300, MD-102, or similar
• Experience supporting SOC 2 readiness or audit preparation
• Familiarity with Microsoft Defender and related security tooling
• Exposure to AWS or Google Workspace administration
• Experience standardizing firewall or network device configurations
• Familiarity with CIS benchmarks or Microsoft security baselines
• ITIL Foundation or familiarity with IT service management practices

Responsibilities

• Design and enforce role-based access control (RBAC) within Entra ID
• Implement and maintain Conditional Access policies
• Enforce MFA standards across the organization
• Reduce and manage privileged access footprint
• Implement and support SSO integrations (SAML, OIDC, SCIM where applicable)
• Establish and improve Joiner/Mover/Leaver (JML) provisioning processes
• Conduct periodic access reviews
• Document identity architecture and standards
• Administer and optimize Microsoft 365 services (Exchange Online, Teams, SharePoint, OneDrive)
• Manage Azure tenant configuration and governance
• Oversee Entra ID configuration and security posture
• Manage Intune endpoint compliance and configuration (Windows and macOS)
• Improve Microsoft Secure Score strategically and responsibly
• Establish and maintain secure baseline configurations
• Implement security controls defined by security leadership
• Configure and operate Microsoft Defender tools
• Support vulnerability remediation efforts
• Improve logging, monitoring, and audit readiness
• Align configurations with industry best practices and internal governance standards
• Integrate and govern SaaS platforms within Entra ID
• Assess new SaaS providers with a security and controls mindset
• Support limited Google Workspace administration (training and partnership use)
• Support AWS training environments
• Assist in planning migration of AWS financial workloads to Azure
• Oversee secure configuration of perimeter network equipment across 14 offices
• Improve documentation of network architecture and device inventory
• Standardize firewall and VPN configuration practices
• Coordinate vendor support when required
• Build and document provisioning and deprovisioning workflows
• Establish change control discipline
• Create and maintain SOPs and runbooks
• Use PowerShell scripting to reduce repetitive work
• Improve documentation and operational transparency
• Serve as Tier 3 escalation resource for complex issues
• Collaborate with IT peers to elevate technical standards
• Introduce improvements in a constructive and team-oriented manner
• Focus on root-cause resolution and systemic fixes

Benefits

• SEI is a cloud-first, employee-owned consulting firm with a collaborative, values-driven culture.