**Job Description** BAE Systems, a top-ten prime contractor to the U.S. Department of Defense, enables the U.S. government to transform data into intelligence and provides engineering, integration and sustainment support for critical military platforms and systems. Intelligence & Security provides services and products to the Department of Defense, the government, federal law enforcement officials, and troops deployed around the world. At BAE Systems, we promote a strong, collaborative culture and provide our employees with the tools, skills and training they need to succeed. We are all about trust, camaraderie, and a shared ambition to lead the world in defense technologies and national security services. We offer flexible work environment to support the balance in your life and keep you performing at your best. Be a part of a company that is part of the community; driven to improve our future and protect our freedom. We are looking for a candidate with 11 years of experience and a strong Cloud Engineering background to join our technology-based program supporting a key government customer. The candidate must function as a Expert level Cloud Engineer with experience managing Azure and M365 environments. This program is responsible for delivering and maintaining a full enterprise platform with enterprise services for end users that will eventually replace the entire Enterprise suite of services that exist today for the customer. Key Responsibilities: -StartFragment -> + **Design and implement identity solutions** using Microsoft Entra ID (formerly Azure AD), including hybrid identity setups and federation services like ADFS. + **Configure and maintain Conditional Access policies** to enforce security and compliance across users, devices, and applications. + **Manage entitlement group systems** to ensure proper role-based access control (RBAC) and lifecycle automation. + **Leverage security tools** such as Defender for Identity and Azure Identity Protection to detect and respond to identity-based threats. + **Support Zero Trust principles** by enforcing least privilege access and continuous verification across identity workflows. + **Troubleshoot and resolve IAM issues** , including authentication failures, access anomalies, and policy misconfigurations. + **Collaborate with cross-functional teams** to align identity strategies with business requirements and regulatory standards. + **Document identity architectures and procedures** to support operational continuity and knowledge sharing. + **Stay current with identity protocols** like OAuth 2.0, OpenID Connect, SAML, and SCIM, and integrate them into secure solutions.ABC **Required Education, Experience, & Skills** 11 years of experience in designing, implementing, and managing large-scale Azure and M365 environments. Strong technical skills in Azure and M365, including: + Azure Active Directory (AAD) + Azure Information Protection (AIP) + Microsoft 365 Security & Compliance + Azure Storage + Azure Security Center + Azure Monitor + PowerShell + Azure CLI + Microsoft Sysinternals Toolsuite + Role based access control + Conditional Access and MFA + FSLogix Profiles + Azure Virtual Desktop (AVD) Excellent communication and collaboration skills, with the ability to work with cross-functional teams and stakeholders. Strong problem-solving skills, with the ability to troubleshoot and resolve complex Azure and M365 issues. Certifications in Azure and M365, such as Microsoft Certified: Identity and Access Administrator Associate Bachelor's degree in Computer Science, Information Technology, or related field. **Preferred Education, Experience, & Skills** -StartFragment -> + -EndFragment ->Familiarity with Azure, Microsoft 365, and Active Directory Domain Services (AD DS) + Experience with PowerShell and Kusto Query Language (KQL) + Certifications: + Azure Solutions Architect Expert + Microsoft 365 Certified: Enterprise Administrator Expert **Pay Information** Full-Time Salary Range: $146670 - $249330 Please note: This range is based on our market pay structures. However, individual salaries are determined by a variety of factors including, but not limited to: business considerations, local market conditions, and internal equity, as well as candidate qualifications, such as skills, education, and experience. Employee Benefits: At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20 hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance. We also have an employee assistance program, a legal plan, and other perks including discounts on things like home, auto, and pet insurance. Our leave programs include paid time off, paid holidays, as well as other types of leave, including paid parental, military, bereavement, and any applicable federal and state sick leave. Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards. Other incentives may be available based on position level and/or job specifics. **Cloud Identity Engineer (Expert)** **114479BR** EEO Career Site Equal Opportunity Employer. Minorities . females . veterans . individuals with disabilities . sexual orientation . gender identity . gender expression