Career Opportunities with Sum Theory, Inc.
A great place to work.
Career Opportunities with Sum Theory, Inc.
A great place to work.
Current job opportunities are posted here as they become available.
Subscribe to our RSS feeds to receive instant updates as new positions become available.
| Department: | Government |
| Location: |
Position Summary
The Azure Cloud Architect is a key technical leader responsible for designing, implementing, and governing identity, authentication, and access-control capabilities across the enterprise. This role owns the full identity lifecycle and ensures secure, scalable, and reliable identity services that support business operations, compliance requirements, and security objectives. The engineer partners closely with Security, Legal, Infrastructure, and Vendor teams to deliver a mature and evolving identity ecosystem.
Responsibilities
Identity & Access Management (IAM) Operations
• Own and optimize the full identity lifecycle (joiner / mover / leaver) processes
• Manage enterprise authentication systems, including MFA and conditional access
• Define, implement, and maintain role-based access control (RBAC) models
• Administer privileged access management (PIM), ensuring least-privilege operations
• Govern and maintain service accounts and non-human identities
Identity Architecture & Integrations
• Lead design, configuration, and maintenance of federation and SSO integrations
• Manage and enforce tenant-level security controls and configuration standards
• Coordinate feature rollout management for identity-related services
Governance, Compliance & Optimization
• Partner with Security and Legal teams to ensure identity alignment with data governance policies
• Implement and improve license-assignment automation
• Drive SKU optimization strategies (E3 vs. E5, workload mapping, cost efficiency)
• Manage true-up / true-down cycles for licensing accuracy and financial stewardship
Analytics, Reporting & Vendor Management
• Develop usage analytics and reporting to inform decisions and measure effectiveness
• Serve as primary liaison for Microsoft and reseller coordination
• Provide technical leadership and mentorship within the IAM domain
Requirements
• 7+ years of experience in Identity & Access Management or Enterprise Services engineering
• Expertise with Azure AD / Entra ID, Conditional Access, MFA, SSO, and federation technologies
• Strong understanding of RBAC, PIM, and identity lifecycle processes
• Experience automating licensing, access workflows, and identity provisioning
• Deep knowledge of Microsoft 365 tenants, licensing models, and security configurations
Preferred Skills/Experience
• PowerShell automation expertise
• Background working with Security, Audit, or Compliance teams
• Experience in large, complex, or regulated environments
