Microsoft Entra ID & Active Directory Engineer at METRO/MAKRO

Pune, maharashtra, India -

Full Time

Start Date

Immediate

Expiry Date

31 Aug, 26

Salary

0.0

Posted On

02 Jun, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Microsoft Entra ID, Active Directory, Conditional Access, Privileged Identity Management, PowerShell Scripting, Zero Trust, Hybrid Identity, Identity and Access Management, OAuth, MFA, LAPS, Azure Subscriptions

Industry

Wholesale

Description

Company Description Metro Global Solution Center (MGSC) is internal solution partner for METRO, a €31.6 Billion international wholesaler with operations in more than 30 countries. The store network comprises a total of 623 stores in 21 countries, of which 522 offer out-of-store delivery (OOS), and 94 dedicated depots. In 12 countries, METRO runs only the delivery business by its delivery companies (Food Service Distribution, FSD). HoReCa and Traders are core customer groups of METRO. The HoReCa section includes hotels, restaurants, catering companies as well as bars, cafés and canteen operators. The Traders section includes small grocery stores and kiosks. The majority of all customer groups are small and medium-sized enterprises as well as sole traders. METRO helps them manage their business challenges more effectively. MGSC, location wise is present in Pune (India), Düsseldorf (Germany) and Szczecin (Poland). We provide HR, Finance, IT & Business operations support to 31 countries, speak 24+ languages and process over 18,000 transactions a day. We are setting tomorrow’s standards for customer focus, digital solutions, and sustainable business models. For over 10 years, we have been providing services and solutions from our two locations in Pune and Szczecin. This has allowed us to gain extensive experience in how we can best serve our internal customers with high quality and passion. We believe that we can add value, drive efficiency, and satisfy our customers. Website: https://www.metro-gsc.in Company Size: 1000-1100 Headquarters: Pune, Maharashtra, India Type: Privately Held Inception: 2011 Job Description Microsoft Entra ID (Advanced Implementation) Implement and optimize Conditional Access policies based on approved designs Support and operationalize: Risk‑based access policies Authentication Strengths and phishing‑resistant MFA Lead operational implementation of Privileged Identity Management (PIM): Role assignments Approval workflows Just‑in‑Time access configuration Secure application and workload identities: App registrations and service principals OAuth permission governance On‑Prem Active Directory (Security & Hardening) Support and enforce AD security best practices: Tiered admin model (Tier 0 / 1 / 2) Privileged account separation Lead AD hardening activities: LAPS Protected Users Delegation and admin access restrictions Troubleshoot complex AD security and authentication issues Hybrid Identity & Integration Support Entra Connect configuration and lifecycle management Assist in evaluating authentication models and hybrid trust decisions Support integration of identity with: Azure subscriptions Third‑party SaaS applications Threat Detection & Operations Support CyberDefence team for Identity (MDI) investigations and tuning Act as a technical escalation point during identity‑related incidents Collaboration & Mentoring Mentor mid‑level engineers and provide technical guidance Participate in design reviews and provide implementation feedback Work closely with Identity Architects, Security, and Platform teams Qualifications 8–10 years of experience in identity and access management Strong hands‑on experience with: Microsoft Entra ID P2 Conditional Access at scale Privileged Identity Management Active Directory security Experience supporting hybrid AD environments Advanced PowerShell scripting and automation Strong understanding of identity‑based attack techniques and mitigations Solid grasp of Zero Trust principles (implementation‑focused) Additional Information Experience with: Concepts around IGA Defender for Identity Passwordless authentication (FIDO2, WHfB) VDI or shared device environments Certifications: SC‑300 AZ‑500 Microsoft Security certifications Work Model: Hybrid

Responsibilities

Implement and optimize Microsoft Entra ID and Active Directory security, focusing on Conditional Access, PIM, and hardening activities. Provide technical escalation support for identity-related incidents and mentor mid-level engineers.