For our client active in the postal and logistics sector, we are seeking a highly experienced and forward-thinking Active Directory & Entra ID Architect to join the global IT organization. This role is critical to the design and governance of the hybrid identity infrastructure, supporting secure access across a complex, multinational enterprise. The ideal candidate will bring deep technical expertise, strategic vision, and a collaborative mindset to drive innovation and resilience in the identity and access management (IAM) landscape. This role requires both technical excellence and the ability to act as a trusted advisor to stakeholders across IT, Security, and Business teams.
Your Mission
- Lead the architectural design and lifecycle management of Active Directory and Microsoft Entra ID across global environments.
- Define and implement hybrid identity strategies, ensuring seamless integration between on-premises AD and cloud-based Entra ID.
- Establish and enforce enterprise-wide Zero Trust frameworks, including Conditional Access, MFA, and Identity Protection policies.
- Drive large-scale migration initiatives from legacy identity platforms to modern cloud-native solutions.
- Collaborate with cybersecurity, compliance, and infrastructure teams to align IAM architecture with regulatory and operational requirements.
- Design and manage role-based access control (RBAC), Privileged Identity Management (PIM), and identity governance models.
- Develop automation scripts and workflows using PowerShell and other tools to streamline identity operations.
- Provide technical leadership, mentoring, and oversight to IAM engineers and support teams across regions.
- Define OU structures, forest/domain designs, trust relationships, and Group Policy strategies for scalability and compliance.
- Integrate Entra ID with SaaS applications, MDM platforms, and security tools for seamless lifecycle management.
- Establish high-availability, disaster recovery, and monitoring strategies for AD and Entra ID.
- Perform regular audits and assessments to ensure identity platforms meet compliance and regulatory requirements.
- Implement identity protection features such as risk-based sign-in detection, conditional access, and Just-in-Time (JIT) access controls.
- Partner with security architects, application owners, and cloud engineers to design secure integrations.
- Act as subject matter expert for identity-related initiatives, migrations, and transformations.
Your Profile
- Experience in enterprise-scale Active Directory and Microsoft Entra ID architecture and administration.
- Hands-on experience with Entra Connect, Entra ID Conditional Access, MFA, SSO, and federation technologies (SAML, OIDC, OAuth).
- Knowledge of Privileged Access Management (PAM) tools (CyberArk, Microsoft PIM, …).
- Proven expertise in LDAP, Kerberos, Group Policy, DNS, and hybrid identity configurations.
- Strong proficiency in Microsoft 365 security, Intune, Defender for Identity, and SSO/MFA implementations.
- Advanced scripting capabilities in PowerShell for automation and policy enforcement.
- Solid understanding of compliance frameworks such as ISO 27001, GDPR, and NIS2.
- Familiarity with Zero Trust frameworks and security hardening.
- Excellent communication skills with the ability to engage technical and non-technical stakeholders.
- Relevant certifications such as Microsoft Certified: Identity and Access Administrator Associate, Cybersecurity Architect Expert, or Azure Solutions Architect Expert are a plus.