Job Description We are looking for a highly skilled Azure AD & Active Directory Architect and Lead Engineer with deep expertise in Microsoft Entra ID, Azure PIM, and cross-cloud identity integration (AWS & GCP). This role demands a hands-on leader with a strong background in PowerShell scripting and automation, driving scalable and secure identity solutions across hybrid and multi-cloud environments. Key Responsibilities:  Design and implement hybrid identity solutions integrating Entra ID (Azure AD) with on-premises Active Directory.  Architect and manage Azure PIM, including access reviews, role elevation workflows, and approval governance.  Integrate Azure PIM with AWS IAM and Google Cloud IAM, enabling seamless JIT access and multi-cloud governance.  Lead the development of PowerShell-based automation for user lifecycle management, group provisioning, and audit/reporting.  Automate routine IAM tasks such as account cleanup, privileged access revocation, license assignment, and compliance reporting.  Develop and maintain reusable PowerShell modules and scripts leveraging Microsoft Graph, Entra ID, and REST APIs.  Drive Active Directory modernization including domain hardening, consolidation, and secure delegation.  Collaborate with Security, Infrastructure, and Application teams to enforce Zero Trust identity architecture.  Support compliance initiatives (SOX, GDPR, internal audit) through automated evidence collection and controls enforcement. We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to Human Resources Request Form (https://airtable.com/app21VjYyxLDIX0ez/shrOg4IQS1J6dRiMo) . The EEOC "Know Your Rights" Poster is available here (https://www.eeoc.gov/sites/default/files/2023-06/22-088\_EEOC\_KnowYourRights6.12ScreenRdr.pdf) . To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ . Skills and Requirements 8+ years of experience with Active Directory and Azure AD / Entra ID in enterprise environments.  Strong hands-on expertise in PowerShell scripting for automation, reporting, and integration.  Deep knowledge of Azure PIM, conditional access, RBAC, and identity governance.  Experience with multi-cloud identity integration: AWS IAM federation, GCP IAM roles, and cross-cloud SSO.  Proficient with Microsoft Graph API, AzureAD/Entra modules, and scripting best practices.  Solid understanding of SAML, OAuth2, SCIM, federation, and JIT access workflows.  Experience leading enterprise-scale IAM architecture or transformation projects. Automation of identity workflows using PowerShell, Logic Apps, or Azure Functions.  Familiarity with Privileged Access Management (PAM) solutions such as CyberArk or BeyondTrust.  Working knowledge of identity governance platforms like SailPoint, Saviynt, or Okta.  Experience integrating AD and Entra ID with HR systems, ticketing systems (e.g., ServiceNow), and DevOps tools. null We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal employment opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment without regard to race, color, ethnicity, religion,sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military oruniformed service member status, or any other status or characteristic protected by applicable laws, regulations, andordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to HR@insightglobal.com.