Active Directory Federation Service Customer Engineer Job Listing at JDA TSG in United States of America (Job ID 1122)

Description

Overview

At JDA TSG, we equip many of the world's major brands with top-tier specialized talent, business-process expertise, and innovations that move their organizations in exciting new directions. We apply extensive due diligence up front to ensure our teams are a cultural add and can make a difference from day one. Our reputation is built on exceptional focus, flexibility, and confidence with every client we serve.

We have immediate opportunities for an ADFS (Active Directory Federation Services) Expert to join our growing Customer Engineer (CE) team. These are full-time roles with comprehensive benefits. As a CE, you'll work with Fortune-1000 enterprises, guiding them to a healthy, secure identity posture across hybrid and cloud environments.

As a Customer Engineer, you will collaborate directly with customer teams to provide expert advisory services across a range of technologies. By leveraging structured intellectual property (MIP) engagements, you will establish trusted advisor relationships and guide customers towards achieving a healthy and secure state.

• Active Directory Federation Services Assessment Onboarding Accelerator
• Migrate and Protect Applications with Entra Architecture Service
• Migrate and Protect Applications with Entra Technical Blocker Mitigation
• Microsoft Active Directory Show Technical Ability
• Microsoft Active Directory On-Demand Assessment
• Active Directory Security On-Demand Assessment - Active Directory

• 10 - 15+ years of hands-on experience in Active Directory
• 7 – 10 years of experience in design, deploy, and configure ADFS environments (2016/2019/2022/2025) for new and existing customers
• Lead and execute ADFS-to-ADFS version migrations and server farm upgrades
• Migrate enterprise applications and service providers from ADFS to Entra ID
• Understand and assist in writing claims and Access Control Policies for Relying Party Trusts
• Understand and assist in transitioning Issuance Authorization Rules to Access Control Policies
• Understand and assist in setting up multifactor authentication providers for Relying Party Trusts
• Collaborate with architecture and security teams to ensure secure and compliant federation designs
• Perform troubleshooting of claims, authentication flows, and certificate-related issues
• Support certificate rollover processes and update relying party trust metadata
• Provide knowledge transfer and training to customer teams
• Act as a trusted advisor in federation and hybrid identity projects
• Understand multi-domain and forest design concepts
• Support authentication and trust planning
• Understand OU design and delegation strategies
• Work with Entra Connect and directory synchronization
• Use basic PowerShell for administration and automation tasks
• Troubleshoot replication and authentication issues

Nice to have:

• Familiarity with Entra ID licensing tiers (Free, P1, P2)
• Understand role-based access control (RBAC) concepts
• Knowledge of authentication models
• Basic understanding of device management concepts
• Experience syncing Active Directory identities
• Familiarity with Entra Password Protection
• Basic understanding of Active Directory Certificate Services (AD CS)
• Familiarity with Defender for Identity
• Understanding of Active Directory security principles
• Experience remediating security assessment findings
• Ability to tune audit policies
• Knowledge of event forwarding
• Understanding password policy best practices, including fine-grained password policies
• Experience applying security baselines

Since 2011, our mission has remained the same: to partner with clients helping to solve the toughest problems facing their businesses. We have been successful by applying a dynamic and forward-facing approach to business process improvement, outsourced managed services, best leveraging of technologies and talent solutions.

Our core values provide the framework that allows us to continually focus on what made us successful in the first place. Quite simply, our values inform everything that we do. We knew from day one that if we hired smart, passionate people and provided them meaningful yet challenging roles, we would thrive as an organization. 

Benefits & Perks

• Comprehensive health-care coverage for you and your family
• Employee Assistance Program (counseling & coaching)
• 401(k) with company match
• Paid time off & parental leave
• Volunteer Day Off
• Life and business-travel accident insurance

We are an equal opportunity employer committed to building an inclusive workplace. To view our Equal Employment Opportunity (EEO) policy, please click here.

• 10 - 15+ years of hands-on experience in Active Directory
• 7 – 10 years of experience in design, deploy, and configure ADFS environments (2016/2019/2022/2025) for new and existing customers
• Lead and execute ADFS-to-ADFS version migrations and server farm upgrades
• Migrate enterprise applications and service providers from ADFS to Entra ID
• Understand and assist in writing claims and Access Control Policies for Relying Party Trusts
• Understand and assist in transitioning Issuance Authorization Rules to Access Control Policies
• Understand and assist in setting up multifactor authentication providers for Relying Party Trusts
• Collaborate with architecture and security teams to ensure secure and compliant federation designs
• Perform troubleshooting of claims, authentication flows, and certificate-related issues
• Support certificate rollover processes and update relying party trust metadata
• Provide knowledge transfer and training to customer teams
• Act as a trusted advisor in federation and hybrid identity projects
• Understand multi-domain and forest design concepts
• Support authentication and trust planning
• Understand OU design and delegation strategies
• Work with Entra Connect and directory synchronization
• Use basic PowerShell for administration and automation tasks
• Troubleshoot replication and authentication issues

Nice to have:

• Familiarity with Entra ID licensing tiers (Free, P1, P2)
• Understand role-based access control (RBAC) concepts
• Knowledge of authentication models
• Basic understanding of device management concepts
• Experience syncing Active Directory identities
• Familiarity with Entra Password Protection
• Basic understanding of Active Directory Certificate Services (AD CS)
• Familiarity with Defender for Identity
• Understanding of Active Directory security principles
• Experience remediating security assessment findings
• Ability to tune audit policies
• Knowledge of event forwarding
• Understanding password policy best practices, including fine-grained password policies
• Experience applying security baselines

As a Customer Engineer, you will collaborate directly with customer teams to provide expert advisory services across a range of technologies. By leveraging structured intellectual property (MIP) engagements, you will establish trusted advisor relationships and guide customers towards achieving a healthy and secure state.

• Active Directory Federation Services Assessment Onboarding Accelerator
• Migrate and Protect Applications with Entra Architecture Service
• Migrate and Protect Applications with Entra Technical Blocker Mitigation
• Microsoft Active Directory Show Technical Ability
• Microsoft Active Directory On-Demand Assessment
• Active Directory Security On-Demand Assessment - Active Directory