Position DescriptionRole Title: Microsoft Hybrid Identity EngineerEngagement: Contract, 2 yearsLocation: On-site preferred (flexibility considered; on-site presence required for cutovers and commissioning)Role PurposeThe Microsoft Hybrid Identity Engineer will deliver targeted, project-based modernisation across identity, name services and server platforms.
The role focuses on replacing ageing on-premises systems with secure, cloud-ready solutions.
The work includes migrations, re-architecture, disaster recovery, PKI, Azure DNS and DHCP, observability using both native and open-source stacks, hyperconverged infrastructure server migrations, and Azure ARC onboarding.This position is suited to an experienced contractor with expertise in Microsoft hybrid environments who can deliver technically broad and complex infrastructure upgrades aligned with public-sector standards.Scope of WorkLead assessment and target-state design for hybrid Active Directory and Azure Entra Directory migrations, including tenant and domain consolidation and forest redesign.Plan and execute staged migration waves and cutovers with rollback, runbooks, and acceptance criteria aligned with service windows.Modernise service accounts and privileged credentials through inventory, remediation, managed identities, and lifecycle automation.Design, deploy, and operate PKI including CA hierarchy, certificate templates, automated issuance and renewal, CRL/OCSP, and Active Directory or Entra integration.Architect Azure disaster recovery plans to maintain essential services during outages, including replication, failover orchestration, and runbook testing.Lead server migrations on hyperconverged infrastructure (HCI) and onboard clusters and servers into Azure management via Azure ARC for unified policy, monitoring, and patching.Design and operate Azure DNS and DHCP at scale, including zone architecture, split-DNS, automated record management, DHCP scope design, and IPAM integration for hybrid environments.Build observability and reporting across hybrid platforms using Azure native tools and open-source stacks (Prometheus, Grafana, ELK/OpenSearch, OpenTelemetry).
Define SLIs and SLOs, dashboards, and alerting.Produce procurement-friendly technical specifications, vendor evaluation criteria, compliance documentation, and acceptance test plans.Coordinate vendors, contractors, and internal teams to schedule deliverables, manage dependencies, and minimise disruption during cutovers.Provide handover materials including runbooks, dashboards, automated scripts, and training for operational teams.DeliverablesTarget-state architecture documents and migration roadmap.Procurement-ready specifications for hardware, licences, and professional services.Detailed migration runbooks, cutover and rollback plans, test cases, and acceptance criteria.PKI design and certificate automation configuration.Azure disaster recovery runbooks, replication configuration, and failover test reports.Azure DNS and DHCP zone designs, automation scripts, and IPAM integration.Observability implementation including dashboards, alerting rules, SLIs, SLOs, and operational runbooks.Final handover package: documentation, training materials, and post-project support plan.Required Skills and ExperienceProven track record delivering hybrid Active Directory and Azure Entra Directory migrations and re-architectures in production environments.Hands-on experience with AD Connect, federation or modern authentication strategies, and directory sync troubleshooting.Demonstrated service-account and privileged credential modernisation including managed identities.Practical PKI experience covering CA hierarchy, templates, automation, and revocation.Experience architecting Azure disaster recovery, testing failover, and restore procedures.Server migration experience on hyperconverged platforms such as VMware vSphere, Nutanix, HPE SimpliVity, or vSAN, and Azure ARC onboarding.Strong experience with Azure DNS and DHCP, including split-DNS, DHCP scope, and IPAM design.Expertise in observability with Azure Monitor/Log Analytics and open-source stacks (Prometheus, Grafana, ELK/OpenSearch, OpenTelemetry).
Robust scripting and automation skills with PowerShell, Azure CLI, ARM/Bicep, Terraform, or equivalent.Excellent documentation, procurement support experience, and stakeholder management in public-sector contexts.Ability to work independently while collaborating with internal teams and suppliers.Desirable Experience and SkillsMicrosoft certifications such as Azure Administrator, Azure Solutions Architect, or Microsoft 365 Identity.Experience with PAM, IGA, SCIM provisioning, and application migrations to OAuth2 or OIDC.Previous contracting work within government and familiarity with procurement and audit frameworks.
#J-18808-Ljbffr
📌 Ms Identity Engineer
🏢 Talent Street
📍 Hervey Bay