Modern Workplace Identity Platform Engineer

TeKnowledge

Remote

The Modern Workplace Identity Platform Engineer is responsible for implementing, operating, and improving identity services across the Microsoft Modern Workplace environment. This role focuses on Microsoft Entra ID, authentication, authorization, Conditional Access, SSO, identity lifecycle automation, access governance, application identity, and Microsoft Graph-based automation.


The engineer helps ensure that users, groups, applications, service identities, and privileged access are secure, auditable, automated, and scalable.


At TeKnowledge, your work makes an impact from day one. We partner with organizations to deliver AI-First Expert Technology Services that drive meaningful impact in AI, Customer Experience, and Cybersecurity. We turn complexity into clarity and potential into progress—in a place where people lead and tech empowers.


You’ll be part of a diverse and inclusive team where trust, teamwork, and shared success fuel everything we do. We push boundaries, using advanced technologies to solve complex challenges for clients around the world.


Here, your work drives real change, and your ideas help shape the future of technology. We invest in you with top-tier training, mentorship, and career development—ensuring you stay ahead in an ever-evolving world.


Why You’ll Enjoy It Here:

  • Be Part of Something Big – A growing company where your contributions matter.
  • Make an Immediate Impact – Support groundbreaking technologies with real-world results.
  • Work on Cutting-Edge Tech – AI, cybersecurity, and next-gen digital solutions.
  • Thrive in an Inclusive Team – A culture built on trust, collaboration, and respect.
  • We Care – Integrity, empathy, and purpose guide every decision.

We’re looking for innovators, problem-solvers, and experts ready to drive change and grow with us.


We Are TeKnowledge. Where People Lead and Tech Empowers.


Responsibilities


  • Manage and support Microsoft Entra ID identity services.
  • Administer users, groups, dynamic groups, administrative units, roles, and directory objects.
  • Support authentication methods including MFA, passwordless authentication, and modern authentication.
  • Configure and maintain Conditional Access policies.
  • Support identity protection, risky users, risky sign-ins, and related remediation processes.
  • Maintain identity platform documentation, operational procedures, and troubleshooting guides.
  • Support enterprise application integrations using SAML, OAuth 2.0, OIDC, and SCIM.
  • Configure and troubleshoot Single Sign-On integrations.
  • Manage app registrations, service principals, redirect URIs, API permissions, certificates, and secrets.
  • Troubleshoot authentication and authorization issues such as failed sign-ins, token problems, consent issues, redirect loops, and claims mapping problems.
  • Work with application teams to define secure identity integration patterns.
  • Support joiner, mover, leaver, contractor, guest, and admin identity processes.
  • Implement and maintain lifecycle workflows and provisioning logic.
  • Support automated user and group provisioning using Microsoft Graph, SCIM, and identity governance tools.
  • Identify and clean up stale users, groups, guests, app assignments, and orphaned access.
  • Help standardize identity lifecycle processes across platforms and business units.
  • Support access reviews, entitlement management, access packages, and approval workflows.
  • Assist with privileged access management using Microsoft Entra PIM.
  • Monitor and report on privileged roles, standing access, stale assignments, and access drift.
  • Produce reports showing who has access to what across users, groups, applications, and roles.
  • Support audit and compliance evidence collection.
  • Build and maintain PowerShell scripts using Microsoft Graph.
  • Automate recurring identity operations, reporting, validation, and remediation tasks.
  • Support automation using Azure Automation, Azure Functions, Logic Apps, or pipeline-based workflows.
  • Create repeatable scripts for provisioning, cleanup, reporting, access validation, and operational checks.
  • Maintain automation code in a structured and documented way.
  • Support Entra-joined, hybrid-joined, and registered device identity scenarios.
  • Collaborate with endpoint management teams on device compliance signals used by Conditional Access.
  • Troubleshoot access issues related to device identity, compliance state, and authentication requirements.
  • Ensure device-based access controls align with identity and security policies.


Qualifications


  • At least 3 years of professional experience with Microsoft Entra ID.
  • Technical education with a Bachelor’s degree is required.
  • Master’s degree is good to have.
  • Experience with Microsoft Entra ID / Azure AD.
  • Good understanding of identity and access management concepts.
  • Experience with Conditional Access, MFA, authentication methods, and enterprise applications.
  • Experience with SSO using SAML, OAuth 2.0, or OIDC.
  • Experience with app registrations, service principals, API permissions, secrets, and certificates.
  • PowerShell scripting experience.
  • Basic to intermediate Microsoft Graph API knowledge.
  • Fluent English.
  • Fluent local language.


TeKnowledge is an equal opportunity employer, and we believe in celebrating diversity, equity, and inclusion. We are committed to building an equitable environment by providing fair employment opportunities in our communities without regard to gender, ethnicity, socio-economic background, disability, marital and veteran status. Our employees join us in adopting, celebrating, and championing our drive towards building an equitable opportunity environment. We do not and will not ask you to send or share with us any sensitive personal data.
