Afarax is looking for a freelance Entra ID Engineer – Identity & Access Management. We need you!
The project:
Our client in the Transportation, Logistics, Supply Chain and Storage sector, is seeking an experienced Entra ID Engineer – Identity & Access Management to strengthen their team.
Key responsibilities:
Identity & Access Engineering
* Design, implement, and optimize Entra ID (Azure AD) for authentication, federation, and access management.
* Configure and enforce MFA and SSO policies across enterprise applications and platforms.
* Implement Privileged Access Management (PAM) controls, including Just-in-Time (JIT) and Just-Enough-Access (JEA).
* Build and maintain role-based access control (RBAC) models and conditional access rules.
Automation & Security-as-Code
* Automate IAM provisioning and governance processes using PowerShell, Terraform, or Azure Automation.
* Develop scripts and workflows for account lifecycle management, entitlement reviews, and access certifications.
* Integrate IAM services with CI/CD pipelines to enforce secure authentication patterns by default.
Governance, Compliance & Risk
* Ensure IAM services comply with ISO 27001, NIS2, PCI DSS, and DORA regulatory frameworks.
* Support identity-related audits, access recertifications, and risk assessments.
* Monitor and analyze authentication telemetry to identify anomalies and strengthen detection.
Advisory & Incident Support
* Act as a subject-matter expert for identity-related incidents, supporting SOC in detection and response.
* Advise application and infrastructure teams on secure integration with Entra ID, SAML, OIDC, and OAuth2.
* Coach business and IT teams on IAM best practices and identity-first security.
Is this you?
* 8+ years in IT/security, with at least 5+ years in IAM engineering.
* Deep expertise in Microsoft Entra ID, MFA, SSO, Conditional Access, and PAM solutions.
* Hands-on experience with RBAC, SAML, OAuth2, OpenID Connect, and directory synchronization (AD Connect).
* Strong scripting/automation skills (PowerShell, Terraform, JSON).
* Experience delivering IAM solutions at scale in regulated industries (finance, logistics, public sector).
Certifications:
Required (at least 1):
* Microsoft Certified: Identity and Access Administrator Associate (SC-300)
* Microsoft Certified: Azure Security Engineer Associate (AZ-500)
Preferred:
* CISSP, CISM, TOGAF, or vendor-specific PAM certifications (CyberArk, BeyondTrust, Thycotic).
How afarax supports you?
* You benefit from our extensive network
* You will have access to projects that fit your expertise
* We help and support you throughout your project
* We offer the possibility to build a valuable and lasting partnership
Check out more projects on: https://afarax.be/jobs/type/freelance/