Systems Reliability Engineer (SRE)- Microsoft Entra ID/Active Directory

At T-Mobile, we invest in YOU!  Our Total Rewards Package ensures that employees get the same big love we give our customers.  All team members receive a competitive base salary and compensation package - this is Total Rewards. Employees enjoy multiple wealth-building opportunities through our annual stock grant, employee stock purchase plan, 401(k), and access to free, year-round money coaches. That’s how we’re UNSTOPPABLE for our employees!

Job Overview
The System Reliability Engineer (SRE) improves and protects the software and systems behind all of T-Mobile's IT services, including management of scalability, availability, latency, performance, security, and capacity, and delivery of software faster, better, and cheaper. From designing & maintaining CICD Pipelines to building the next generation of T-Mobile applications on cloud native platforms, the SRE's enable great customer experience and product innovation by continuous improvement of operational support.

We are looking for a detail-oriented Entra ID and Active Directory Administrator to support and manage our identity infrastructure across both cloud and on-prem environments. In this role, you will be responsible for maintaining and supporting Microsoft Entra ID (formerly Azure AD) and Active Directory environments, ensuring that identity-related services are reliable, secure, and compliant with internal policies and regulatory standards.

The ideal candidate will bring hands-on experience managing user access, group policies, directory synchronization, conditional access, and other identity components within Microsoft ecosystems. You will also be expected to support routine identity lifecycle tasks, respond to access-related incidents, and assist in audits and security reviews.

This role is vital in protecting our organization's identity posture, minimizing risk, and supporting a seamless user access experience across platforms.

Job Responsibilities:

• Utilizes fluent knowledge and skill in emerging DevOps-centric automation tools and technologies for CICD, configuration management, etc. for non-prod environments.

• Performs environment management, automated server provisioning, pipeline configuration (VMs).

• Creates, manages, and uses dashboard for continuous monitoring and health check of applications, and the underlying infrastructure, improves the quality of services using the monitoring feedback for non-production environment.

• Contributes to future improvement of software delivery processes and operations, e.g., cloud enablement, and use of microservices with containerization.

• Identity management in AD and Entra ID.

• Support Single Sign On (SSO) onboarding of SaaS/IaaS applications into Entra ID in collaboration with app teams.

• Apply access policies using built-in RBAC, conditional access, and Multi-Factor Authentication (MFA) settings—based on existing frameworks.

• Help enforce least-privilege principles by managing role-based groups and permissions.

• Develop and maintain automation to streamline identity management processes

• Configure and maintain Microsoft Entra tenant settings under supervision, ensuring alignment with org standards.

• Support day-to-day operations of on-premises Active Directory (AD) and Microsoft Entra ID (Azure AD), including Organizational Unit (OU) and domain hygiene.

• Maintain Group Policy Objects (GPOs) by applying, modifying, and troubleshooting as directed.

• Run patch and update routines related to identity infrastructure tools and services.

• Monitor logs and system alerts for suspicious identity activity and escalate anomalies.

• Apply organization-defined conditional access and MFA settings under guidance.

• Support password policy enforcement and account lockout thresholds.

• Perform incident analysis to identify root causes and implement corrective actions to prevent recurrence.

• Troubleshoot AD/Entra ID authentication and synchronization using Microsoft Identity Synchronization tools.

• Participate in on-call rotations for identity-related incidents.

• Collaborate on incident response and access management projects with Cyber Security, Compliance, and application teams.

• Coordinate with app owners for integration of apps into Entra ID SSO (under guidance).

• Provide support to end-users facing identity-related issues.

• Assist in creating internal KBs, SOPs, and how-to guides for repeatable tasks.

• Assist in small-group training or onboarding sessions for new identity-related tools.

• Run scheduled identity audits to check group memberships, stale accounts, and policy compliance.

• Generate basic reports on system usage, access patterns, and incidents using native or third-party tools.

• Help document and maintain identity governance policies and procedures.

• Contribute feedback to senior team members on improving identity workflows and controls.

Education and Work Experience:

• Bachelor's Degree

• 2-4 years Relevant experience.

• Experience working in an Agile and DevOps environment. Preferred

• Experience in one or more of: C, C#, Java, Perl, Python, Go, or scripting experience in Shell and Perl. Required

• Experience in Continuous Integration/Continuous Delivery tools, such as, Jenkins, Cloudbees, etc., and other automation tools. Required

• Experience with DevOps tools, such as, Ansible, Chef, Puppet, etc. Experience in Docker, Kubernetes, etc. is preferable. Required

• Experience in APM tool, like, AppDynamics, logging tool, like Splunk. Required

• Experience working in a cloud environment (public/private). Required

• Experience in migrating to cloud or cloud native environments experience is preferable. Preferred

Knowledge, Skills and Abilities:

• DevOps (Required)

• Integration (Required)

• Cloud Computing (Preferred)

Travel:
Travel Required (Yes/No):Yes
DOT Regulated:
DOT Regulated Position (Yes/No):No
Safety Sensitive Position (Yes/No):No

Base Pay Range: $83,900 - $151,200

Corporate Bonus Target: 15%

The pay range above is the general base pay range for a successful candidate in the role. The successful candidate’s actual pay will be based on various factors, such as work location, qualifications, and experience, so the actual starting pay will vary within this range.

At T-Mobile, employees in regular, non-temporary roles are eligible for an annual bonus or periodic sales incentive or bonus, based on their role. Most Corporate employees are eligible for a year-end bonus based on company and/or individual performance and which is set at a percentage of the employee’s eligible earnings in the prior year. Certain positions in Customer Care are eligible for monthly bonuses based on individual and/or team performance. To find the pay range for this role based on hiring location, https://paylookup.t-mobile.com/paylookup?reqID=REQ311815¶dox=1

At T-Mobile, our benefits exemplify the spirit of One Team, Together! A big part of how we care for one another is working to ensure our benefits evolve to meet the needs of our team members. Full and part-time employees have access to the same benefits when eligible. We cover all of the bases, offering medical, dental and vision insurance, a flexible spending account, 401(k), employee stock grants, employee stock purchase plan, paid time off and up to 12 paid holidays - which total about 4 weeks for new full-time employees and about 2.5 weeks for new part-time employees annually - paid parental and family leave, family building benefits, back-up care, enhanced family support, childcare subsidy, tuition assistance, college coaching, short- and long-term disability, voluntary AD&D coverage, voluntary accident coverage, voluntary life insurance, voluntary disability insurance, and voluntary long-term care insurance. We don't stop there - eligible employees can also receive mobile service & home internet discounts, pet insurance, and access to commuter and transit programs! To learn about T-Mobile’s amazing benefits, check out www.t-mobilebenefits.com.

Never stop growing!
As part of the T-Mobile team, you know the Un-carrier doesn’t have a corporate ladder–it’s more like a jungle gym of possibilities! We love helping our employees grow in their careers, because it’s that shared drive to aim high that drives our business and our culture forward. By applying for this career opportunity, you’re living our values while investing in your career growth–and we applaud it. You’re unstoppable!
T-Mobile USA, Inc. is an Equal Opportunity Employer. All decisions concerning the employment relationship will be made without regard to age, race, ethnicity, color, religion, creed, sex, sexual orientation, gender identity or expression, national origin, religious affiliation, marital status, citizenship status, veteran status, the presence of any physical or mental disability, or any other status or characteristic protected by federal, state, or local law. Discrimination, retaliation or harassment based upon any of these factors is wholly inconsistent with how we do business and will not be tolerated.
Talent comes in all forms at the Un-carrier. If you are an individual with a disability and need reasonable accommodation at any point in the application or interview process, please let us know by emailing [email protected] or calling 1-844-873-9500. Please note, this contact channel is not a means to apply for or inquire about a position and we are unable to respond to non-accommodation related requests.