MODERN WORKPLACE IDENTITY PLATFORM ENGINEER AT TEKNOWLEDGE | ENGINEER JOBS IN LAGOS

About Company:

At TeKnowledge, we turn complexity into clarity – and potential into progress. We go beyond problem-solving to transform how you grow. By blending cutting-edge technology with expert insight, we help enterprises, governments and tech vendors tackle their biggest challenges while preparing them for what’s next. From strategy to execution, we drive smarter, faster, and more sustained innovation—empowering organizations with the capability and control to lead with confidence.

Job Description:

• The Modern Workplace Identity Platform Engineer is responsible for implementing, operating, and improving identity services across the Microsoft Modern Workplace environment.
• This role focuses on Microsoft Entra ID, authentication, authorization, Conditional Access, SSO, identity lifecycle automation, access governance, application identity, and Microsoft Graph-based automation.
• The engineer helps ensure that users, groups, applications, service identities, and privileged access are secure, auditable, automated, and scalable.

Responsibilities

• Manage and support Microsoft Entra ID identity services.
• Administer users, groups, dynamic groups, administrative units, roles, and directory objects.
• Support authentication methods including MFA, passwordless authentication, and modern authentication.
• Configure and maintain Conditional Access policies.
• Support identity protection, risky users, risky sign-ins, and related remediation processes.
• Maintain identity platform documentation, operational procedures, and troubleshooting guides.
• Support enterprise application integrations using SAML, OAuth 2.0, OIDC, and SCIM.
• Configure and troubleshoot Single Sign-On integrations.
• Manage app registrations, service principals, redirect URIs, API permissions, certificates, and secrets.
• Troubleshoot authentication and authorization issues such as failed sign-ins, token problems, consent issues, redirect loops, and claims mapping problems.
• Work with application teams to define secure identity integration patterns.
• Support joiner, mover, leaver, contractor, guest, and admin identity processes.
• Implement and maintain lifecycle workflows and provisioning logic.
• Support automated user and group provisioning using Microsoft Graph, SCIM, and identity governance tools.
• Identify and clean up stale users, groups, guests, app assignments, and orphaned access.
• Help standardize identity lifecycle processes across platforms and business units.
• Support access reviews, entitlement management, access packages, and approval workflows.
• Assist with privileged access management using Microsoft Entra PIM.
• Monitor and report on privileged roles, standing access, stale assignments, and access drift.
• Produce reports showing who has access to what across users, groups, applications, and roles.
• Support audit and compliance evidence collection.
• Build and maintain PowerShell scripts using Microsoft Graph.
• Automate recurring identity operations, reporting, validation, and remediation tasks.
• Support automation using Azure Automation, Azure Functions, Logic Apps, or pipeline-based workflows.
• Create repeatable scripts for provisioning, cleanup, reporting, access validation, and operational checks.
• Maintain automation code in a structured and documented way.
• Support Entra-joined, hybrid-joined, and registered device identity scenarios.
• Collaborate with endpoint management teams on device compliance signals used by Conditional Access.
• Troubleshoot access issues related to device identity, compliance state, and authentication requirements.
• Ensure device-based access controls align with identity and security policies.

Requirements:

• Technical education with a Bachelor’s Degree is required.
• Master’s degree is good to have.
• At least 3 years of professional experience with Microsoft Entra ID.
• Experience with Microsoft Entra ID / Azure AD.
• Good understanding of identity and access management concepts.
• Experience with Conditional Access, MFA, authentication methods, and enterprise applications.
• Experience with SSO using SAML, OAuth 2.0, or OIDC.
• Experience with app registrations, service principals, API permissions, secrets, and certificates.
• PowerShell scripting experience.
• Basic to intermediate Microsoft Graph API knowledge.
• Fluent English.
• Fluent local language.

Salary

Application Closing Date: Not specified

Application Instructions:

CLICK ON THE LINK BELOW TO APPLY