IT Identity Access Management Engineer

The  IT Identity & Access Management Engineer will design, implement, and manage our enterprise identity and mobility solutions.

Summary of Responsibilities

• Administer and manage Microsoft 365 services including Exchange Online, SharePoint Online, OneDrive for Business, and Microsoft Teams
• Manage Microsoft 365 licensing, user provisioning, and service assignments
• Configure and optimize SharePoint Online sites, permissions, and governance policies
• Manage Teams policies, meeting settings, and collaboration features
• Monitor Microsoft 365 service health and respond to service incidents
• Maintain, optimize, and modernize Azure Active Directory (Entra ID) and on-premises Active Directory synchronization using Azure AD Connect
• Lead the roadmap and execution for our move from on-premises Active Directory to Entra ID, including hybrid identity design, application authentication migration, and deprecation of legacy identity dependencies where appropriate
• Implement and manage hybrid identity solutions including Azure AD Join and Hybrid Azure AD Join
• Configure and maintain Group Policy Objects (GPOs) and ensure proper integration with Intune policies
• Manage directory services, domain controllers, and replication topology
• Implement and maintain Active Directory security best practices including privileged access management
• Design and manage Entra ID Conditional Access, MFA, and related identity security controls to protect user and application access
• Design, deploy, and maintain Microsoft Intune infrastructure for mobile device management (MDM) and mobile application management (MAM)
• Develop and implement device compliance policies, conditional access policies, and configuration profiles for iOS, Android, Windows, and macOS devices
• Manage application deployment, updates, and lifecycle management through Intune
• Configure and maintain Windows Autopilot for zero-touch device provisioning
• Implement and manage co-management scenarios between Intune and Configuration Manager
• Troubleshoot and resolve complex Intune-related issues affecting device enrollment, policy application, and application deployment

Minimum Qualifications

• Bachelor’s degree in Computer Science, Information Technology, or related field, or equivalent work experience
• 5+ years of experience in enterprise IT infrastructure
• 3+ years of hands-on experience with Microsoft Intune and mobile device management and Microsoft 365
• Knowledge of Microsoft Intune, including MDM, MAM, and Endpoint Manager
• Strong understanding of Active Directory architecture, Group Policy, DNS, DHCP, and directory services
• Hands-on experience with hybrid identity and migrating from on-premises Active Directory to Azure Active Directory / Entra ID
• Experience with Windows Autopilot, co-management, and modern device provisioning
• Knowledge of mobile operating systems (iOS, Android) and their management frameworks
• Experience with certificate authorities and PKI infrastructure
• Knowledge of networking concepts including VPN, Wi-Fi, and network security
• Strong analytical and problem-solving abilities
• Excellent communication skills with ability to explain technical concepts to non-technical audiences
• Project management capabilities and ability to manage multiple priorities
• Customer service orientation with focus on end-user experience

Preferred Qualifications

• Familiarity with enterprise mobility management solutions beyond Intune
• Experience with Azure infrastructure and services
• Proficiency with Azure Active Directory (Entra ID), Azure AD Connect, hybrid identity scenarios, and prior involvement in AD-to-Entra ID modernization or migration projects
• Understanding of PowerShell scripting for automation and reporting

The salary range for this role is $ 75, 000 to $97, 500.  An employee’s pay within the salary range will be based on numerous factors including, but not limited to, relevant education, qualifications, experience, skills, geographic location and business or organizational needs. 

Cleveland-Cliffs Inc. is the largest flat-rolled steel company and the largest iron ore pellet producer in North America. The Company is vertically integrated from mined raw materials, direct reduced iron, and ferrous scrap to primary steelmaking and downstream finishing, stamping, tooling, and tubing. We offer an excellent total compensation package including competitive pay with variable compensation opportunity, health insurance, retirement plan, education assistance, paid time off, and more. 

Cleveland-Cliffs Inc. is committed to working with and providing reasonable accommodation to individuals with disabilities. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the employment process, please send an e-mail to careers@clevelandcliffs.com or call 1-(312) 899-3097 and let us know the nature of your request and your contact information. Do not email your application materials to this email address. Application materials sent to this email address will not be considered.

Cleveland-Cliffs Inc. is an equal opportunity employer – M/F/Veteran/Disability. We are a drug-free workplace and conduct pre-employment screening as a condition of employment.