Identity Fabric Principal

Working as an Identity Fabric Principal you will:

• Lead the delivery and architectural alignment of Microsoft-first identity platforms, heavily utilizing Entra ID and Entra External ID for diverse enterprise applications and APIs.

• Manage complex hybrid environments, orchestrating the pragmatic modernization of legacy dependencies like AD DS and AD FS without causing service disruptions.

• Implement, oversee, and troubleshoot advanced authentication flows (such as Auth Code with PKCE and Client Credentials) and federations (IdP/SP setups, SSO resolutions).

• Drive an "automation-by-default" culture by scripting reliable bulk operations, health checks, and reporting using Graph PowerShell, while integrating these processes into CI/CD pipelines.

• Ensure all identity architectures are compliance-oriented and privacy-focused, building traceable controls that align with GDPR/EUDPR regulations and internal auditing standards.

• Govern end-to-end IGA processes (Joiner, Mover, Leaver) and lifecycle integrations, ensuring SailPoint governance strategies map seamlessly to Microsoft identity patterns.

• Future-proof the organization's security posture by designing least-privilege access models and establishing governance readiness for emerging AI and agent identities.

• Design and enforce risk-based access controls, tuning Conditional Access policies, Identity Protection rules, and phishing-resistant MFA rollouts.

Chabre IT Services is a global professional IT services provider, building long-lasting relationships with Enterprises. We specialize in the delivery of tailor-made solutions,  smart outsourcing, try&hire, and success fee services. We are a smart IT boutique with unique knowledge, which will deliver your ideas into reality.

Our client is a large international public-sector organization operating in a highly regulated and security-focused environment. The organization is responsible for coordinating complex operations, ensuring operational resilience, and maintaining continuity of critical services across multiple stakeholders and jurisdictions. You will join an institution that values structured governance, strong security standards, operational excellence, and cross-functional collaboration in an international setting.

• Extensive expertise in modern authentication frameworks and standards, particularly OAuth 2.0, OpenID Connect, and SAML.

• Deep technical knowledge of the Microsoft Entra ecosystem, including tenant configuration, enterprise app integrations, service principals, and Entra ID Governance (access packages and reviews).

• Strong foundational knowledge of hybrid infrastructures, including Active Directory forests, trusts, GPOs, and federation modernization.

• Proven experience with Identity Governance and Administration (IGA) platforms, particularly understanding SailPoint (IdentityIQ or IdentityNow) delivery models and SCIM provisioning.

• Advanced proficiency in PowerShell automation tailored for Entra, Microsoft 365, and legacy AD DS/AD FS environments.

• Comprehensive understanding of token lifecycles, session security, and complex API consent models (delegated vs. application permissions).

• Strong background in designing claims and identity contexts, including normalization, mapping, and least-privilege claim structures.

• Familiarity with integrating privacy-by-design concepts into IAM solutions to meet strict European data protection standards.

• Rate up to 200,00 PLN/h + VAT
• Onsite work (Warsaw)
• Subsidy for peripherals in the amount of 500,00zł
• Working tool (MacBook Pro or Lenovo Legion 5)
• Co-financing of courses related to the position
• Benefits: MultiSport, Medicover