At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. 

Conditional Access and MFA Management - Senior

Role Summary

Execute end-to-end operations for Conditional Access (CA) and Multi-Factor Authentication (MFA), including policy configuration, enforcement monitoring, exception handling, and incident/request management across onboarding and steady-state managed services phases.

Technical Requirements – Must Have

• Hands-on expertise in Microsoft Entra ID (Azure AD) with strong focus on Conditional Access policies and MFA controls.
• Experience configuring and managing Conditional Access (CAP) including monitoring enforcement, handling false positives, and tuning policies.
• Strong experience in MFA operations (user onboarding, authentication troubleshooting, lockouts, exception/bypass handling).
• Solid understanding of authentication protocols (SSO, federation), identity risk signals, and device compliance signals.
• Experience handling high-volume L2/L3 IAM tickets (incident, request, change) in a structured ITSM environment.
• Ability to implement and manage time-bound exceptions with audit traceability.
• Experience with policy validation, enforcement monitoring, and post-change verification.

Technical Requirements – Good to Have

• Experience integrating Conditional Access with device compliance tools (e.g., Intune) and identity risk-based policies.
• Working knowledge of identity security monitoring and SIEM integrations (alerts, sign-in logs, anomaly detection).
• Familiarity with PowerShell scripting for automation of user/admin tasks in Entra ID.
• Experience supporting SSO/federation configurations (SAML, OAuth, OIDC) across enterprise applications.
• Exposure to user awareness, onboarding, and MFA adoption campaigns in enterprise environments.
• Understanding of audit support processes (log extraction, evidence preparation, exception validation).
• Experience in policy tuning and continuous improvement to optimize enforcement and minimize false positives.

Additional Requirements / Profile Expectation

• Ability to independently manage high-volume IAM operations with minimal supervision in a structured ITSM model.
• Strong analytical mindset to troubleshoot authentication issues, access failures, and policy enforcement gaps.
• High attention to detail for policy execution, exception handling, and audit traceability requirements.
• Comfortable working within strict client-approved change and approval processes (no independent policy decisions).
• Ability to multi-task across incidents, service requests, and change activities while maintaining SLA adherence.
• Proactive in identifying false positives, enforcement issues, and optimization opportunities.
• Good communication skills to coordinate with service desk, infra teams, and client stakeholders.
• Strong discipline in runbook-driven execution and documentation updates.

EY | Building a better working world 

 
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.  

 
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.  

 
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.