Job Code:  ADMRBPE/08May2026/127
Job Title: AD Modernization & Role-Based Provisioning Engineer
Experience: 8+ Years
Job Type: Contract
Work Mode: Remote

Key Responsibilities
• Assess current Active Directory footprint and identify applications still reliant on Kerberos, NTLM, and legacy auth
• Provide guidance and code-level support to app teams adopting MSAL, OIDC, and modern auth standards
• Implement SCIM provisioning for supported downstream applications
• Build Azure Functions integrations for non-SCIM applications (e.g., Ivanti Neurons integration)
• Configure role-based access packages to provision users into downstream apps based on Entra role assignments
• Support app teams in migrating AD group dependencies to Entra ID dynamic groups or access packages
• Document legacy application sunset plans and cloud-native migration paths
• Establish best practices and runbooks for ongoing AD minimization

Required Skills
• 8+ years with Active Directory architecture and operations
• Strong understanding of modern authentication protocols (OIDC, MSAL, OAuth2)
• Experience writing Azure Functions or Logic Apps for identity integration
• Familiarity with SCIM 2.0 provisioning protocol
• PowerShell and/or Python scripting for automation
• Ability to engage with development teams as a technical advisor