JOB DESCRIPTION

BAE Systems, a top-ten prime contractor to the U.S. Department of Defense, enables the U.S. government to transform data into intelligence and provides engineering, integration and sustainment support for critical military platforms and systems. Intelligence & Security provides services and products to the Department of Defense, the government, federal law enforcement officials, and troops deployed around the world.
At BAE Systems, we promote a strong, collaborative culture and provide our employees with the tools, skills and training they need to succeed. We are all about trust, camaraderie, and a shared ambition to lead the world in defense technologies and national security services. We offer flexible work environment to support the balance in your life and keep you performing at your best. Be a part of a company that is part of the community; driven to improve our future and protect our freedom.
We are looking for a candidate with 11+ years of experience and a strong Cloud Engineering background to join our technology-based program supporting a key government customer. The candidate must function as a Expert level Cloud Engineer with experience managing Azure and M365 environments. This program is responsible for delivering and maintaining a full enterprise platform with enterprise services for end users that will eventually replace the entire Enterprise suite of services that exist today for the customer.
Key Responsibilities:
-
-

Design and implement identity solutions using Microsoft Entra ID (formerly Azure AD), including hybrid identity setups and federation services like ADFS.

• Configure and maintain Conditional Access policies to enforce security and compliance across users, devices, and applications.
• Manage entitlement group systems to ensure proper role-based access control (RBAC) and lifecycle automation.
• Leverage security tools such as Defender for Identity and Azure Identity Protection to detect and respond to identity-based threats.
• Support Zero Trust principles by enforcing least privilege access and continuous verification across identity workflows.
• Troubleshoot and resolve IAM issues, including authentication failures, access anomalies, and policy misconfigurations.
• Collaborate with cross-functional teams to align identity strategies with business requirements and regulatory standards.
• Document identity architectures and procedures to support operational continuity and knowledge sharing.
• Stay current with identity protocols like OAuth 2.0, OpenID Connect, SAML, and SCIM, and integrate them into secure solutions.

REQUIRED EDUCATION, EXPERIENCE, & SKILLS

11+ years of experience in designing, implementing, and managing large-scale Azure and M365 environments.

Strong technical skills in Azure and M365, including:

• Azure Active Directory (AAD)
• Azure Information Protection (AIP)
• Microsoft 365 Security & Compliance
• Azure Storage
• Azure Security Center
• Azure Monitor
• PowerShell
• Azure CLI
• Microsoft Sysinternals Toolsuite
• Role based access control
• Conditional Access and MFA
• FSLogix Profiles
• Azure Virtual Desktop (AVD)

Excellent communication and collaboration skills, with the ability to work with cross-functional teams and stakeholders.
Strong problem-solving skills, with the ability to troubleshoot and resolve complex Azure and M365 issues.
Certifications in Azure and M365, such as Microsoft Certified: Identity and Access Administrator Associate
Bachelor’s degree in Computer Science, Information Technology, or related field.

Preferred Education, Experience, & Skills

• Familiarity with Azure, Microsoft 365, and Active Directory Domain Services (AD DS)
• Experience with PowerShell and Kusto Query Language (KQL)
• Certifications:
• Azure Solutions Architect Expert
• Microsoft 365 Certified: Enterprise Administrator Expert

Please refer the Job description for details