Introduction
We are looking for a Senior Azure IAM Engineer / Cloud Security Engineer to support the restructuring and governance of Azure identities, permissions, and privileged access. The consultant will lead the cleanup of existing access models, implement secure RBAC structures, automate access controls, and strengthen overall cloud security across a complex Azure landscape. This role requires deep Azure IAM expertise and the ability to drive technical improvements with autonomy.
Responsibilities
• Analyse existing Azure permissions across Management Groups, Subscriptions, and Resource Groups
• Remove unwanted or uncontrolled permission inheritance
• Implement secure Azure RBAC models aligned with business and technical needs
• Automate audits, access reviews, and reporting using PowerShell and Azure CLI
• Monitor privileged role usage and propose remediation actions
• Work closely with technical and security teams to align governance practices
• Document roles, inheritance rules, and assignment procedures
• Monitor Audit Logs to detect anomalies or security issues
Requirements
• Microsoft SC-300 certification (mandatory)
• Microsoft SC-104 certification (advantage)
• Strong expertise with Azure RBAC, Entra ID, PIM, and custom role management
• Proficiency with PowerShell and Azure CLI
• Knowledge of Azure limits related to permissions and inheritance
• Experience in cloud security and access governance
• Ability to work across multiple technical teams
• French C1 and English B2
• High autonomy