Job Description Insight Global is seeking a Cloud Identity Engineer. You will design and build DocuSign’s next-generation, cloud-native identity platform. You’ll establish Microsoft Entra ID as the central control plane for identity and access, enabling secure, automated access across our multi-cloud production environments (Azure and GCP). Your primary focus is automation-first identity engineering—building scalable Joiner‑Mover‑Leaver (JML) workflows, managing access through Infrastructure as Code, and delivering secure-by-default, self-service access for engineers. What You’ll Do -Automate Identity Lifecycles: Design and implement end-to-end JML workflows using Microsoft Entra ID Lifecycle Workflows and custom automation for zero-touch provisioning and rapid de-provisioning. -Identity as Code: Manage RBAC, Conditional Access, and Privileged Identity Management (PIM) configurations using Terraform and version control. -Modern Access Controls: Implement advanced Entra ID capabilities including PIM, Just-in-Time (JIT) access, Conditional Access, and Workload Identity Federation at scale. -Build Automation Tooling: Develop production-grade automation using Python or PowerShell, integrating directly with the Microsoft Graph API for complex identity use cases. -Cross-Functional Collaboration: Partner with Security, Compliance, and Engineering teams to ensure identity controls are auditable, monitored, and compliant. -Platform Evolution & Mentorship: Evaluate new Entra ID features (e.g., Governance, Verified ID) and mentor junior engineers on automation and IaC best practices. -Operational Support: Participate in an on-call rotation to support the identity platform. PR: $25-30/hr We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/. Skills and Requirements -Bachelor’s degree in Computer Science, Engineering, Information Systems, or equivalent experience -5+ years of engineering experience with a strong focus on Identity and Access Management (IAM) -Deep expertise in Microsoft Entra ID, including: Enterprise Applications and App Registrations Conditional Access policy design and enforcement Entra ID Governance and Privileged Identity Management (PIM) -Strong Infrastructure as Code experience using Terraform to manage RBAC, custom roles, and identity-related resources -Proven experience designing and implementing automated Joiner‑Mover‑Leaver (JML) workflows -Strong programming skills in Python, Go, or advanced PowerShell, with hands-on experience using REST APIs (especially Microsoft Graph) -Solid understanding of modern authentication and authorization protocols (OIDC, OAuth2, SAML) -Master’s degree in Computer Science or a related field -Microsoft Identity or Security certifications (e.g., SC‑300, AZ‑500) -Experience managing identities across multi-cloud environments (Azure and GCP) -Experience modernizing legacy Active Directory access models into dynamic, attribute-based cloud access -Familiarity with CI/CD pipelines (GitHub Actions, Azure DevOps) for deploying identity infrastructure -Understanding of large-scale system infrastructure, including load balancing and certificate management -Experience working with multiple vendors in the identity and security ecosystem