Job Title

Hi Role - Cloud Identity Engineer (Entra ID Automation) Location Remote Canada Full time Salary - CAD125k + Benefits Annually What You Will Do In this role, you will be a key member of the team that manages user identities and provides appropriate access to resources across all of Docusigns product infrastructure. You will move beyond legacy on-premise operations to build our next-generation, cloud-native identity fabric. The goal is to establish Microsoft Entra ID as the central control plane, ingesting identity information from corporate systems and applying automated roles and policies to govern access to our multi-cloud production environment (Azure & GCP) and on-premises Active Directory (AD). Automation is your primary deliverable : you will build robust JML (Joiner-Mover-Leaver) workflows and manage RBAC as code to ensure systems are secure by default, providing engineers with a seamless, self-service experience. This position is an individual contributor role reporting to the Sr. Manager, Identity and Access Management Engineering. Responsibilities Design and automate identity lifecycles: Architect and build end-to-end Joiner, Mover, and Leaver (JML) workflows using Microsoft Entra ID , Lifecycle Workflows, and custom automation to ensure zero-touch provisioning and immediate de-provisioning. Implement Identity as Code: Manage all Role-Based Access Control (RBAC), Conditional Access policies, and PIM configurations using Terraform and version control systems. Engineer Modern Access Controls: Implement advanced Entra features such as Privileged Identity Management (PIM), Just-in-Time (JIT) access, and Workload Identity Federation in a robust and scalable manner. Develop Automation Tooling: Write production-quality code (Python, or PowerShell) to interact with the Microsoft Graph API for complex identity tasks that cannot be solved via native configuration alone. Partner Cross-Functionally: Collaborate with security, compliance, and engineering teams to ensure that all automated access activities are logged, monitored, and properly audited. Define and set up integrations between Entra ID and on-premises creating hybrid identity infrastructure