Location
New York County, New York, United States
Posted
May 10, 2026
Job Description
Microsoft Identity Engineer (FedRAMP Dayforce)
Overview
Hands on engineer chartered to design, harden, and operate identity for a new FedRAMP Moderate Dayforce environment. You will map NIST 800 53/FedRAMP requirements to concrete Azure/Entra ID controls, run a passwordless, phishinga resistant program with FIDO2 keys, and automate identity lifecycle and evidence for audits.
Key Responsibilities
Identity Architecture: Design tenant strategy; B2B/B2C patterns; app registrations, service principals, managed identities; RBAC and custom roles to enforce least privilege for SRE/product teams.
Access
Zero Trust: Implement Conditional Access, MFA, device compliance, JIT admin with PIM; govern authentication methods/policies for FIDO2/Windows Hello/Authenticator; integrate Entra ID with Dayforce apps, APIs, CI/CD, and Key Vault.
Compliance
Monitoring: Log privileged activity, role changes, and auth events into Microsoft Sentinel/Defender; automate JML (joiner/m...
Overview
Hands on engineer chartered to design, harden, and operate identity for a new FedRAMP Moderate Dayforce environment. You will map NIST 800 53/FedRAMP requirements to concrete Azure/Entra ID controls, run a passwordless, phishinga resistant program with FIDO2 keys, and automate identity lifecycle and evidence for audits.
Key Responsibilities
Identity Architecture: Design tenant strategy; B2B/B2C patterns; app registrations, service principals, managed identities; RBAC and custom roles to enforce least privilege for SRE/product teams.
Access
Zero Trust: Implement Conditional Access, MFA, device compliance, JIT admin with PIM; govern authentication methods/policies for FIDO2/Windows Hello/Authenticator; integrate Entra ID with Dayforce apps, APIs, CI/CD, and Key Vault.
Compliance
Monitoring: Log privileged activity, role changes, and auth events into Microsoft Sentinel/Defender; automate JML (joiner/m...