Cybersecurity Engineer – Senior Principal
Herndon, Virginia, United States of America
Full Time
1 hour ago
$164,382 - $189,750 USD
H1B Sponsor
Key skills
AzureCloudCyber SecurityPowerShellIAMEntra IDOAuthOktaSAMLActive DirectorySSOLeadershipZero Trust
About this role
Role Overview
- Partner with senior leadership, cloud architects, and cybersecurity teams to design secure identity and authentication controls across Microsoft 365, Azure, and hybrid environments—balancing innovation, resilience, and compliance.
- Engineer, implement, and manage Microsoft Entra ID authentication solutions including Conditional Access, MFA, passwordless strategies, identity protections, authentication strength policies, and Zero Trust–aligned guardrails.
- Oversee complex authentication and federation integrations including SAML, OAuth/OIDC, Entra ID Application Proxy, certificate-based auth, header-based auth, and legacy protocol reductions or retirements.
- Lead modernization efforts including consolidation of authentication methods, migration from legacy identity providers, and the implementation of modern, cloud-native identity protections.
- Drive automation of identity lifecycle and authentication management using PowerShell, Graph API, and cloud automation platforms.
- Support compliance, audit readiness, and governance reviews via automated reporting, monitoring dashboards, and robust operational documentation.
- Troubleshoot identity, MFA, SSO, and application access issues across hybrid AD, Entra ID, and federated authentication platforms—partnering with security operations, service owners, and application teams.
- Serve as a subject-matter expert in authentication security, risk reduction, hardening, and alignment with enterprise and regulatory frameworks (Zero Trust, NIST, DoW, ITAR, etc.)
Requirements
- 10+ years of related experience
- Expertise with Conditional Access, modern authentication methods (MFA, passwordless, FIDO2, Windows Hello for Business, device-based auth)
- Education: Bachelor's Degree or 4 years of additional experience
- Required Technical Skills: Identity Access Management (IAM), Identity Governance (IG), Privileged Access Management (PAM), Zero Trust Architecture (ZTA)
- Required Skills and Abilities: Automation using PowerShell, Microsoft Graph, or API-based workflows. Microsoft Entra ID Administration, Active Directory Integration
- Preferred Skills: Experience designing or supporting federated authentication (SAML, OAuth/OIDC, WS-Fed). Deep troubleshooting skills across hybrid identity stacks (Entra ID, AD, ADFS, Entra Connect). Understanding of Zero Trust principles and cloud authentication security baselines. Familiarity with Okta as an IDP.
- Relevant certifications preferred (MS-100/102, AZ-305, SC-300)
Tech Stack
- Azure
- Cloud
- Cyber Security
Benefits
- Full-flex work week to own your priorities at work and at home
- 401K with company match
- Comprehensive health and wellness packages
- Internal mobility team dedicated to helping you own your career
- Professional growth opportunities including paid education and certifications
- Cutting-edge technology you can learn from
- Rest and recharge with paid vacation and holidays