Active Directory Federated Services Customer Engineer Job Listing at JDA TSG in United States of America (Job ID 12545595)

Description

ACTIVE DIRECTORY FEDERATION SERVICES (ADFS) CUSTOMER ENGINEER

QUICK FACTS:

• Work authorization: U.S. citizenship required
• Location: Remote delivery via Microsoft Teams; minimal travel may be required
• Compensation: $95,000 – $110,000 (DOE)

WHAT YOU'LL DO:

As a Customer Engineer (CE), you will work directly with enterprise customers to design, secure, migrate, and optimize complex federation and hybrid‑identity environments. You will leverage Microsoft Intellectual Property (MIP) engagements to guide customers toward a healthy, secure state and act as a trusted advisor.

PRIMARY WORK:

• Active Directory Federation Services (ADFS) Assessment & Onboarding Accelerator
• Migrate & Protect Applications with Entra (Architecture Services + Technical Blocker Mitigation)
• Active Directory Security & On‑Demand Assessments
• Microsoft Active Directory “Show” technical engagements

RESPONSIBILITIES:

• Design, deploy, and configure new or upgraded ADFS 2016/2019/2022/2025 farms
• Lead ADFS‑to‑ADFS version migrations and execute farm upgrades with zero downtime
• Migrate enterprise apps and service providers from ADFS to Microsoft Entra ID
• Craft claims rules and Access Control Policies (ACPs) and transition Issuance Authorization Rules to ACPs
• Implement multifactor authentication providers for relying‑party trusts and manage certificate rollover
• Troubleshoot claims flows, authentication failures, and certificate issues
• Deliver knowledge‑transfer workshops and mentor customer identity teams
• Serve as senior technical escalation point and trusted advisor for federation and hybrid‑identity projects

EXPERIENCE

• Expertise designing and configuring ADFS farms (2016–2025)
• Hands‑on experience leading ADFS version migrations and farm upgrades
• Proven success migrating enterprise applications from ADFS to Microsoft Entra ID (SAML/OIDC/OAuth)
• Ability to craft, migrate, and troubleshoot claims rules and Access Control Policies
• Deep knowledge integrating multifactor authentication providers with ADFS trusts
• Experience managing certificate lifecycles and updating relying‑party trust metadata
• Solid background with Microsoft Entra Connect / synchronization and hybrid authentication

OPTIONAL KNOWLEDGE:

• Entra ID (Free/P1/P2), RBAC, Entra Password Protection, Device management
• Active Directory Certificate Services, Defender for Identity, AD security hardening and remediation
• Fine‑grain password policies, audit‑policy tuning, security baselines

CERTIFICATIONS (any of):

• Microsoft Certified: Identity & Access Administrator (SC‑300), Azure Administrator (AZ‑104)
• MCSE or equivalent
• Microsoft Certified Trainer (MCT)
• CISSP or comparable security credential

ABOUT JDA TSG:

Since 2011 we have partnered with clients to solve their toughest technical challenges through dynamic, forward‑thinking managed services and talent solutions. We believe smart, passionate people tackling meaningful work are the key to our success—and yours.

BENEFITS & PERKS:

- Comprehensive medical, dental, and vision coverage

- 401(k) with company match

- Generous PTO, paid parental leave, and a Volunteer Day Off

- Employee Assistance Program for counseling and coaching

- Company‑paid life and business‑travel accident insurance

EQUAL EMPLOYMENT OPPORTUNITY

JDA TSG is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations, and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. 

 Apply on company website