Microsoft Entra ID Architect
Our client, a leading global supplier for IT services, requires Microsoft Entra ID Architect to be based at their client’s office in London, UK.
This is a hybrid role – you can work remotely in the UK and attend the London office 2-3 days per week .
This is a 12 month temporary contract to start asap
Day rate: Competitive Market rate
The Microsoft Entra ID Architect is responsible for defining the target‑state architecture for enterprise identity using Microsoft Entra ID, with a strong focus on Identity Governance, Secure Access, and API‑driven provisioning. This role sets standards, reference architectures, and delivery patterns used by onsite and offshore teams.
Key Responsibilities
Entra ID Architecture (Primary)
- Own Microsoft Entra ID tenant‑level architecture spanning:
- Conditional Access
- Authentication Methods (MFA, Passwordless, FIDO2)
- Identity Protection
- Privileged Identity Management (PIM)
- Define Zero Trust identity architecture using Entra signals (user risk, sign‑in risk, compliant device, location).
Entra Identity Governance (Core)
- Architect enterprise use of Microsoft Entra Identity Governance, including:
- Lifecycle Workflows (Joiner / Mover / Leaver automation)
- Entitlement Management (Access Packages, Access Policies)
- Access Reviews (apps, groups, privileged roles)
- PIM role model and activation strategy
- Define role‑based access models aligned to audit and compliance needs.
Provisioning & Integration Architecture
- Design API‑first provisioning patterns using:
- Entra ID Provisioning Service
- Microsoft Graph API
- SCIM‑based provisioning
- Custom provisioning for bespoke / on‑prem applications
- Define workflow orchestration using Logic Apps and Power Automate.
- Provide architecture for integrations with:
- HR systems (e.g. Workday / SAP)
- SaaS platforms
- On‑prem directories and legacy applications
Secure Access & External Collaboration
- Architect B2B Collaboration and Cross‑Tenant Access Settings.
- Define Cross‑Tenant Synchronisation patterns and governance controls.
- Define security boundaries for guest and external identities.
DevOps & Identity‑as‑Code
- Establish Identity‑as‑Code standards using:
- Microsoft Graph
- PowerShell
- CI/CD pipelines (Azure DevOps / GitHub Actions)
- Define versioning, promotion, rollback, and auditability for Entra ID configuration.
Hybrid Identity (Secondary)
- Provide architectural guidance for Entra ID Connect / Cloud Sync.
- Define identity source authority, attribute ownership, and lifecycle boundaries with Active Directory.
Key Requirements
Essential Skills:
- 10+ years in Identity & Access Management architecture.
- Deep expertise in Microsoft Entra ID and Entra Identity Governance.
- Strong design experience with Conditional Access, Identity Protection, PIM.
Desirable Skills:
- Proven architecture experience with Graph API, SCIM, Lifecycle Workflows.
- Strong stakeholder and design‑authority skills
Due to the volume of applications received, unfortunately we cannot respond to everyone.
If you do not hear back from us within 7 days of sending your application, please assume that you have not been successful on this occasion.
Please do keep an eye on our website https://projectrecruit.com/jobs/ for future roles.
