Lead Entra Security Engineer

Become a part of our caring community

*Selected candidate must reside within approximately 60 minutes driving distance from one of the following locations: (Louisville KY, NYC Metro, Dallas Metro, Charlotte NC Metro, South Florida(Tampa/Miami/Ft Lauderdale) , Washington DC metro, Chicago, Boston, Atlanta, Nashville)
The Lead Entra Security Engineer will drive both the architectural vision and hands-on engineering implementation of enterprise identity services across multiple Entra ID tenants. This role is responsible for designing and building modern identity controls across workforce, B2B, and application environments, while standardizing configurations and strengthening identity security posture.
The Lead Entra Security Engineer will partner closely with security, platform, and application teams to deliver secure-by-design identity solutions, modernize authentication and access controls, and enable scalable identity patterns aligned to Zero Trust principles. This role requires deep Entra expertise, strong engineering capability, and the ability to translate complex identity challenges into practical, enforceable solutions.

Key Responsibilities

  • Engineer, implement, and help design identity controls across multiple Entra tenants, including Conditional Access, MFA, Identity Protection, and governance capabilities
  • Implement and standardize cross-tenant access patterns, partnering on design decisions for B2B collaboration, Multi-Tenant Organizations (MTO), and external identity controls
  • Lead implementation of Privileged Identity Management (PIM), access reviews, and least privilege access models
  • Engineer and optimize authentication and SSO integrations (SAML, OAuth, OIDC) across SaaS and enterprise applications
  • Execute tenant standardization efforts, ensuring consistent policies, authentication methods, and governance controls
  • Troubleshoot and resolve complex authentication, authorization, and provisioning issues
  • Develop automation using PowerShell, Microsoft Graph, Terraform, Azure Logic Apps, etc. to scale identity operations
  • Partner with application and platform teams to embed identity-security-by-design into solutions and integrations
  • Contribute to and operationalize identity security baselines aligned to Zero Trust principles
  • Identify, engineer, and implement improvements to strengthen identity posture, reduce risk, and improve user experience
  • Create and maintain reusable engineering patterns, scripts, and documentation for Entra security controls


Use your skills to make an impact

Requirements

  • 7+ years of experience in identity engineering, IAM architecture, or cloud identity security in large environments
  • Deep expertise in Microsoft Entra ID (Azure AD) across multi-tenant environments
  • Strong hands-on experience with:
    • Conditional Access and MFA strategy
    • Privileged Identity Management (PIM)
    • Identity Protection and governance
    • B2B, Multi-Tenant Org (MTO) and cross-tenant access configurations
    • Entra ID Sign-In, Audit, and other security log analysis
    • Azure RBAC
  • Some hands-on experience or commensurate knowledge of
    • Datacenter technologies and topologies
    • Azure IaaS/PaaS Infrastructure
    • Common Enterprise User Networking Technologies (i.e. VPN, SASE/ZTNA)
    • Intune and Microsoft 365 suite
    • Virtual Desktop Infrastructure technologies
    • Microsoft Purview / DLP technologies
  • Strong understanding of modern identity protocols (OIDC, OAuth2, SAML)
  • Experience integrating identity into SaaS, APIs, and enterprise platforms
  • Proven ability to design, implement, and standardize identity controls at scale
  • Strong automation skills (PowerShell, Microsoft Graph, Terraform or similar)
  • Ability to translate architectural vision into executable engineering outcomes
  • Ability to influence cross-functional teams
  • Hands-on problem solver capable of supporting complex identity escalations

Preferred Requirements

  • Experience with multi-tenant governance or identity transformation initiatives
  • Familiarity with hybrid identity (Entra Connect / Cloud Sync) and identity monitoring tools
  • Experience operating in regulated environments (SOX, HIPAA, etc.)
  • Relevant certifications (e.g., SC-300, SC-100, CISSP)

Work at Home Requirements
To ensure Home or Hybrid Home/Office employees’ ability to work effectively, the self-provided internet service of Home or Hybrid Home/Office employees must meet the following criteria:

At minimum, a download speed of 25 Mbps and an upload speed of 10 Mbps is required; wireless, wired cable or DSL connection is suggested. In certain roles, the minimum recommended internet speed required by Humana may not be sufficient for business needs. Humana reserves the right to require associates to upgrade their internet service if necessary.

Work from a dedicated space lacking ongoing interruptions to protect member PHI / HIPAA information.

Travel: While this is a remote position, occasional travel to Humana's offices for training or meetings may be required.

Scheduled Weekly Hours

40

Pay Range

The compensation range below reflects a good faith estimate of starting base pay for full time (40 hours per week) employment at the time of posting. The pay range may be higher or lower based on geographic location and individual pay will vary based on demonstrated job related skills, knowledge, experience, education, certifications, etc.


$142,300 - $195,700 per year


This job is eligible for a bonus incentive plan. This incentive opportunity is based upon company and/or individual performance.

Description of Benefits

Humana, Inc. and its affiliated subsidiaries (collectively, “Humana”) offers competitive benefits that support whole-person well-being. Associate benefits are designed to encourage personal wellness and smart healthcare decisions for you and your family while also knowing your life extends outside of work. Among our benefits, Humana provides medical, dental and vision benefits, 401(k) retirement savings plan, time off (including paid time off, company and personal holidays, paid parental and caregiver leave), short-term and long-term disability, life insurance and many other opportunities.


About us

About Humana: Humana Inc. (NYSE: HUM) is a leading U.S. healthcare company. Through our Humana insurance services and our CenterWell healthcare services, we make it easier for the millions of people we serve to achieve their best health – delivering the care and service they need, when they need it. These efforts are leading to a better quality of life for people with Medicare and Medicaid, families, individuals, military service personnel, and communities at large. Learn more about what we offer at Humana.com and at CenterWell.com.


Equal Opportunity Employer

It is the policy of Humana not to discriminate against any employee or applicant for employment because of race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, genetic information, disability or protected veteran status. It is also the policy of Humana to take affirmative action, in compliance with Section 503 of the Rehabilitation Act and VEVRAA, to employ and to advance in employment individuals with disability or protected veteran status, and to base all employment decisions only on valid job requirements. This policy shall apply to all employment actions, including but not limited to recruitment, hiring, upgrading, promotion, transfer, demotion, layoff, recall, termination, rates of pay or other forms of compensation and selection for training, including apprenticeship, at all levels of employment.