Security Operations Engineer II

Participate in the on-call rotation as a Designated Responsible Individual (DRI), providing dependable and timely operational support for identity services. Execute identity lifecycle operations such as access provisioning and deprovisioning, group and role management, and access governance activities. Contribute to root-cause analysis and post-incident reviews, supporting follow-up actions to reduce repeat incidents. Develop and maintain scripts and basic automation to streamline identity operations, improve first-contact resolution, and reduce manual and repetitive work. Identify recurring operational issues and collaborate with engineering partners to implement automation-first improvements that reduce operational noise and incident volume. Work in scheduled shift and on-call rotations to provide continuous operational support for identity services.

6+ years of experience in security operations, IT operations, technical support, or engineering roles supporting production systems. Strong understanding of identity and access fundamentals, including authentication and authorization protocols (OAuth 2.0, OIDC, SAML, certificate-based authentication) and common token flows. Experience supporting directory synchronization and device identity, including Entra Connect or Cloud Sync, Azure AD joined, hybrid joined, and registered devices, and how device posture influences Conditional Access. Working knowledge of application identity, including app registrations, delegated and application permissions, consent flows, API scopes, and identifying common configuration issues. Ability to analyze identity logs and telemetry, such as sign-in, audit, token, and provisioning logs, using tools like the Azure portal, KQL, Graph Explorer, Azure Monitor, or IcM. Demonstrated troubleshooting and automation mindset, with experience scripting or building basic automation to reduce manual work, improve support quality, and collaborate effectively with engineering and security teams. Working knowledge of automation tools and source control, including Git/GitHub and CI/CD pipelines. Familiarity with monitoring and incident management tools such as Azure Monitor, Kusto, Grafana, and IcM. Strong interest in service reliability, operational discipline, and improving production support quality. Practical scripting experience using PowerShell and/or Python.