Identity & Access Management (IAM) Ops Engineer

We are seeking a Microsoft IAM Operations Engineer to support and operate Align’s enterprise identity and collaboration platforms. This role is purely operational, focused on day-to-day stability, incident response, access operations, and service reliability across Microsoft Entra ID, IAM foundational services, and Microsoft 365 workloads.

You will be part of a global operations model supporting identity, access, and collaboration services during business-critical hours.

In this Role, You Will…

· Provide operational support for Microsoft Entra ID (Azure AD) and IAM services

· Handle user lifecycle operations (joiner, mover, leaver), access requests, and role assignments

· Support Conditional Access, MFA, PIM, and access policy enforcement

· Monitor and respond to identity-related incidents, alerts, and service degradations

· Perform routine IAM health checks, access reviews support, and audit evidence collection

· Support Active Directory (on-prem and hybrid) operations

· Troubleshoot authentication issues involving DNS, certificates, Kerberos, tokens, and trust chains

· Support PKI operations, including certificate issuance, renewal, and incident handling

· Assist with routine identity platform maintenance and change execution

· Use PowerShell scripts for bulk operations, access updates, and operational tasks

· Execute and support existing automation runbooks

· Assist in identifying repetitive tasks suitable for automation

· Provide operational support for Microsoft 365 services, including:

o Exchange Online (mailbox access, permissions, mail flow issues)

o SharePoint Online & OneDrive (access, sharing issues)

o Microsoft Teams (user access, policies, basic troubleshooting)

· Support Purview-related operational tasks, such as retention policy validation and access checks

· Work with UCC and Collaboration teams during incidents and escalations

· 6–7 years of experience in IAM / Entra / Microsoft identity operations

· Operational experience with Active Directory and hybrid identity

· PowerShell scripting skills for automation and tooling

· Solid knowledge of PKI, certificate services, and certificate lifecycle management

· Operational experience with Privileged Identity Management (PIM)

· Strong hands-on experience with SSO, SCIM provisioning, and modern authentication protocols (OAuth, OIDC, SAML)

· Enterprise DHCP, GPO & DNS administration experience

· Experience supporting Microsoft 365 services is a strong advantage

· Comfort working in shift-based operational models

· Strong analytical, problem-solving, and documentation skills