About
Cloud Identity Engineer with 4 years of IT experience specializing in Microsoft Entra ID (Azure Active Directory), Active Directory (AD DS), and enterprise Identity & Access Management (IAM). Hands-on expertise in Privileged Identity Management (PIM), Conditional Access Policies (CAP), Multi-Factor Authentication (MFA), Single Sign-On (SSO) via SAML 2.0 and OAuth 2.0/OIDC, and Hybrid Identity solutions — gained across high-compliance BFSI environments at LTIMindtree and JPMorgan Chase. Strong experience in ServiceNow ITSM processes. Adept at enforcing Zero Trust principles and least-privilege access governance across large-scale enterprise environments. Microsoft AZ-900 certified with SC-300 in progress. Immediate joiner.
Skills & Expertise (37)
Work Experience
Active Directory & Identity Engineer
JPMorgan Chase & Co.
Jun 2024 - Dec 2025
Engineered and maintained enterprise-scale Active Directory (AD DS) infrastructure — including user accounts, Organizational Units (OUs), domain trust relationships, and Group Policy Objects (GPOs) — governing identity access for 10,000+ users across a high-compliance BFSI environment. Designed and enforced Group Policy (GPO) configurations covering security baselines, password policies, software deployment, and endpoint compliance across all domain-joined systems. Owned end-to-end identity lifecycle management for user onboarding, role transitions, access modifications, and secure offboarding — processing 100+ monthly identity requests in strict compliance with JPMorgan’s internal security frameworks. Diagnosed and resolved complex Azure AD Connect synchronization issues, ensuring consistent hybrid identity state between on-premises Active Directory and Microsoft Entra ID. Governed privileged AD accounts, security groups, and distribution lists, enforcing least-privilege access principles and maintaining clean group membership hygiene across the enterprise domain. Managed identity incidents, service requests, and change records via ServiceNow, maintaining detailed audit trails and adhering to ITIL-based change management procedures with an average SLA compliance rate of 98%. Generated audit reports and access recertification evidence to support internal and external compliance reviews, including SOX and internal risk assessments.
Azure IAM & Cloud Identity Engineer
LTIMindtree
Dec 2021 - May 2024
Served as Subject Matter Expert (SME) on Microsoft Azure, focusing on Azure IAM across multiple enterprise client tenants. Administered Microsoft Entra ID (Azure Active Directory) across multiple enterprise client tenants, managing user provisioning, deprovisioning, attribute updates, and full identity lifecycle operations. Configured and maintained Conditional Access Policies implementing Zero Trust access controls — enforcing access restrictions based on user risk, device compliance, network location, and application sensitivity. Managed Privileged Identity Management (PIM) including Just-In-Time (JIT) role activations, approval workflows, activation duration limits, and quarterly privileged access reviews for 100+ Azure AD roles across client environments. Implemented Role-Based Access Control (RBAC) at subscription, resource group, and resource levels across 15+ Azure subscriptions, enforcing least-privilege governance and reducing over-privileged accounts by 25% during cloud security audits. Configured Multi-Factor Authentication (MFA) policies — including per-user MFA, Security Defaults, and Conditional Access-based MFA — across diverse enterprise user populations. Created and managed Azure AD static and dynamic groups, enterprise application assignments, app registrations, and service principal configurations for SaaS and internal application integrations. Enabled Single Sign-On (SSO) for enterprise applications using SAML 2.0 and OAuth 2.0/OIDC through Azure AD, improving user access efficiency and reducing help desk password tickets by 20%. Configured B2B collaboration and Cross-Tenant access settings to enable secure external partner identity federation across organizational boundaries. Automated identity provisioning and access review workflows using PowerShell (Az, AzureAD, ActiveDirectory modules) and MS Graph API, reducing manual effort by 60% on recurring IAM tasks. 
Conducted periodic Access Reviews and generated compliance reports supporting internal audits, client security reviews, and regulatory governance requirements. Handled 500+ identity incidents, change requests, and service tasks via ServiceNow, consistently meeting SLA targets and contributing 30+ articles to the team knowledge base.
Education
Bachelor of Technology — Computer Science - Gandhi Institute of Technology and Management (GITAM) University
2017 - 2021 · Afghanistan
Certifications
Microsoft Certified: Azure Fundamentals (AZ-900)
Microsoft · 2023
Availability Details
Visa Status
Citizen
Relocation
Open to Relocation