Cloud Identity Administrator for IT Operations (m/f/d)

You manage and operate Azure Active Directory (Entra ID) as well as hybrid identity solutions, including Azure AD Connect and on-premises directory services You plan and accompany changes, feature rollouts and piloting in the Cloud Identity area and perform these after testing in regular operation You develop, implement and operate identity, authentication and conditional access concepts, in particular single sign-on (SSO) and multi-factor authentication (MFA) You manage role, authorization and access concepts as well as protection mechanisms such as Privileged Identity Management (PIM) and Identity Protection You monitor security-relevant events, create evaluations and reports and contribute to compliance with regulatory and data protection regulations (e.g. GDPR, BSI Basic Protection) You administrate device and client management with Microsoft Intune, including MDM and MAM guidelines You automate management tasks with PowerShell and Microsoft Graph You perform tasks of error analysis and incident management in the Azure-AD environment You create and maintain operating documentation as well as working instructions and work with internal stakeholders

You have completed a university degree (Bachelor / FH Diploma) of computer science, business informatics, administrative informatics or a comparable discipline with at least the “satisfactory” note. OR You have completed a completed vocational training as a specialist in system integration and have at least five years of relevant professional experience in the field of cloud identity management, which is comparable in terms of content with a university degree (Bachelor / FH diploma). You have knowledge of Azure Active Directory (Entra ID) or Active Directory administration You convince colleagues and externals on the basis of your appraisal handling and your clear approach to the matter You have the digital skills to understand and classify new developments in a digital environment You are open to work in projects or project structures and ideally have experiences in agile working methods You have good knowledge of English You fulfil the requirements of § 7 para. 1 Federal Staff Act / § 3 para. 1.1 TvöD-V, in particular, possess the nationality of a Member State of the European Union, the European Economic Area or Switzerland and are willing to enter into the basic system of freedom and democracy You agree with an extended safety review pursuant to § 9 SÜG You must have knowledge of the German language at least at level C1 GER Of advantage are: You have knowledge of device and client management with Microsoft Intune, in particular with MDM and MAM guidelines You have knowledge of the automation of administrative tasks with PowerShell and Microsoft Graph API You have knowledge of monitoring and protocol evaluation in Azure-AD or Microsoft-365 environments You have knowledge in the areas: Authentication Multi-Factor Authentication (MFA), Single Sign-On (SSO) and Conditional Access You have knowledge of hybrid identity architectures, in particular with Azure AD Connect and the connection to on-premises directory services (e.g. Active Directory) You have knowledge in the areas of role, authorization and access concepts You bring knowledge of the implementation of security measures in the identity environment, such as Privileged Identity Management (PIM) and Identity Protection You have knowledge of fault analysis and incident management in cloud environments You are familiar with the GDPR and ideally also with BSI basic protection You have knowledge of work in regulated organisations or in public service We presume you are ready to do business trips. Service trips can also take several days, but are usually planned.

Integration into a team of specialists for whom the exchange of information and knowledge is of course Comprehensive training depending on your personal experience and individual qualifications (e.g. English courses, seminars) The ability to act independently within your task Flexible working time (running time with leisure compensation, possibility of parttime) Mobile work with grds. 40 % minimum presence in the office Extensive social benefits and benefits (including discounted job ticket, canteen use, free parking, own day-care facility, occupational pensions for employees via the VBL) A public service post-paid 12 TVöD – plus a job supplement and Christmas money. Payment of a specialist allowance is possible in principle the basic possibility of a beam; it is also possible to apply to senior officials up to grade A 11 BBesO The possibility of temporary use outside the BaFin at national or European level, such as the BMF, the ECB or the European supervisory authorities