Identity & Access Management (IAM) Engineer
About the position
We are seeking a highly skilled Identity & Access Management (IAM) Engineer to design, implement, and manage secure identity solutions across our enterprise environment. This role is responsible for enforcing least-privilege access, strengthening authentication controls, supporting regulatory compliance (CMMC/NIST), and enabling secure digital transformation across cloud and on-premise platforms.
The IAM Engineer will partner with IT Infrastructure, Data, Security, HR, and Application teams to ensure identity governance, lifecycle automation, privileged access management, and zero-trust principles are consistently applied across the organizatio
Responsibilities
• Design and maintain IAM architecture across:
Microsoft Entra ID (Azure AD)
• Active Directory (on-prem)
• Microsoft 365
• VPN and network authentication systems
• Enterprise SaaS platforms (Salesforce, BC, etc.)
• Implement and manage Single Sign-On (SSO) and federation (SAML, OAuth, OIDC)
• Architect Conditional Access policies and Zero Trust controls
• Implement and enforce MFA across all systems
• Automate Joiner / Mover / Leaver (JML) processes integrated with HRIS
• Build and maintain Role-Based Access Control (RBAC) framework
• Implement access certification and periodic access reviews
• Ensure timely deprovisioning and segregation of duties enforcement
• Support M&A integrations (rapid identity consolidation within 30 days)
• Deploy and manage privileged access controls (PIM, just-in-time access)
• Enforce tiered admin model and privileged session monitoring
• Reduce standing privileged access across all systems
• Maintain break-glass account governance and monitoring
• Support CMMC, NIST 800-171, and internal audit requirements
• Maintain documentation for identity controls and audit evidence
• Participate in risk assessments and control testing
• Integrate identity logs with SIEM/SOC platform (e.g., Arctic Wolf)
• Investigate anomalous login behavior and identity-based threats
• Implement identity threat detection and response controls
Requirements
• 5+ years of experience in IAM, Identity Engineering, or Security Engineering
• Strong hands-on experience with:
• Microsoft Entra ID (Azure AD)
• Active Directory (GPOs, OU design, hybrid identity)
• MFA and Conditional Access
• SSO and federation protocols (SAML, OAuth, OIDC)
• Experience with Privileged Identity Management (PIM/PAM)
• Understanding of Zero Trust architecture principles
• Experience supporting compliance frameworks (NIST, CMMC, SOC 2, ISO 27001)
• PowerShell scripting and automation experience
• Experience in hybrid cloud environment
Apply tot his job
Apply To this Job
We are seeking a highly skilled Identity & Access Management (IAM) Engineer to design, implement, and manage secure identity solutions across our enterprise environment. This role is responsible for enforcing least-privilege access, strengthening authentication controls, supporting regulatory compliance (CMMC/NIST), and enabling secure digital transformation across cloud and on-premise platforms.
The IAM Engineer will partner with IT Infrastructure, Data, Security, HR, and Application teams to ensure identity governance, lifecycle automation, privileged access management, and zero-trust principles are consistently applied across the organizatio
Responsibilities
• Design and maintain IAM architecture across:
Microsoft Entra ID (Azure AD)
• Active Directory (on-prem)
• Microsoft 365
• VPN and network authentication systems
• Enterprise SaaS platforms (Salesforce, BC, etc.)
• Implement and manage Single Sign-On (SSO) and federation (SAML, OAuth, OIDC)
• Architect Conditional Access policies and Zero Trust controls
• Implement and enforce MFA across all systems
• Automate Joiner / Mover / Leaver (JML) processes integrated with HRIS
• Build and maintain Role-Based Access Control (RBAC) framework
• Implement access certification and periodic access reviews
• Ensure timely deprovisioning and segregation of duties enforcement
• Support M&A integrations (rapid identity consolidation within 30 days)
• Deploy and manage privileged access controls (PIM, just-in-time access)
• Enforce tiered admin model and privileged session monitoring
• Reduce standing privileged access across all systems
• Maintain break-glass account governance and monitoring
• Support CMMC, NIST 800-171, and internal audit requirements
• Maintain documentation for identity controls and audit evidence
• Participate in risk assessments and control testing
• Integrate identity logs with SIEM/SOC platform (e.g., Arctic Wolf)
• Investigate anomalous login behavior and identity-based threats
• Implement identity threat detection and response controls
Requirements
• 5+ years of experience in IAM, Identity Engineering, or Security Engineering
• Strong hands-on experience with:
• Microsoft Entra ID (Azure AD)
• Active Directory (GPOs, OU design, hybrid identity)
• MFA and Conditional Access
• SSO and federation protocols (SAML, OAuth, OIDC)
• Experience with Privileged Identity Management (PIM/PAM)
• Understanding of Zero Trust architecture principles
• Experience supporting compliance frameworks (NIST, CMMC, SOC 2, ISO 27001)
• PowerShell scripting and automation experience
• Experience in hybrid cloud environment
Apply tot his job
Apply To this Job