Full Job Description
Responsibilities
We are seeking a dynamic Senior Engineer II - Identity and Access Management (IAM) with a strong background in IAM technologies, including Microsoft EntraID, Okta Auth0, Certificate Lifecycle Management (CLM), and Active Directory. The ideal candidate will actively engage in the planning, architecture, and execution of IAM systems, serving as a pivotal liaison between the organization and key vendors. This role demands a proactive approach to problem resolution, the ability to lead projects, and a commitment to collaborating with project managers and technical teams to deliver customer-centric solutions, including the presentation of design and deployment strategies. This role requires a proactive stance on system provisioning, maintenance, security, and compliance, ensuring alignment with company goals and regulatory standards. Key to the role is the development of policies and procedures that support system integrity, security, and availability, with a focus on identity verification and access control. Strong analytical skills, excellent communication abilities, and professional experience are crucial for success in this position.
- Microsoft EntraID, including managing user identities and access to resources in the cloud, implementing and managing Conditional Access policies, automating user provisioning and de-provisioning, integrating with Microsoft 365, Azure, and other SaaS applications, utilizing EntraID for single sign-on (SSO) and multi-factor authentication (MFA), and monitoring and analyzing sign-in logs for security and compliance
- Okta and Auth0 experience: Managing user identities and access, implementing access policies, automating user provisioning, integrating with applications, utilizing SSO and MFA, and implementing adaptive authentication for enhanced security and compliance.
- In-depth knowledge of Active Directory Domain Services
- Certificate Lifecycle Management, including Microsoft PKI management
- Networking services including InfoBlox for DHCP and DNS management
- In-depth experience with Federation, SSO & MFA technologies
- Scripting (PowerShell) / Automation of IAM Practices
- Monitoring and analyzing sign-in logs for security and compliance
- Understanding and ability to communicate the access control mechanisms for REST APIs
- Manage end-user accounts, permissions, access rights, and storage allocations in accordance with best practices regarding privacy, security, and regulatory compliance
- Serve as liaison to vendors to facilitate problem resolution
- Participate in IAM strategy and roadmap for enterprise stakeholders
- Serve as an Engineer on engagements and work directly with Project Management, Account Management, and Customer teams
- Develop the planning, and assist in the implementation of policies and procedures to ensure system provisioning and maintenance is consistent with company goals, industry best practices, and regulatory requirements
- Conduct research on emerging products, services, protocols, and standards in support of systems software procurement and development efforts
- Participate and adhere to defined incident, problem, and change management best practices
- Proficient communication skills particularly across functional technical areas
- Mentor and cross-train other team members in key skill sets
- ITIL Standards: Participate and adhere to defined ITIL standards for incident, request, and change management.
- Documentation: Document problems and resolutions for future reference, as well as platform configurations and standards.
- Communication: Maintain excellent communication skills, particularly across functional technical areas.
- On Call Rotation (PIC) is required
Qualifications
- Proficiency in Microsoft EntraID suite
- Experience with Okta and Auth0
- Proficiency in Certificate Lifecycle Management – Microsoft PKI
- Proficiency in Active Directory Domain Services
- Proficiency in Networking services including InfoBlox for DHCP, DNS and IPAM management
- Strong understanding of SSO, SAML, OAuth/OIDC, Conditional Access, MFA, RBAC, and fine-grained authorization
- Proficiency in scripting with PowerShell and Graph API
- Proficient problem-solving skills
- Ability to learn new technologies and applications quickly
- Excellent communication, time management, organization, and planning skills
- Strong communication skills, both written and verbal
- Bachelors Degree in Computer Science, Information Technology, Information Systems, or a related discipline. Equivalent experience and/or alternative qualifications will be considered.
- Relevant certifications such as Microsoft Certified: Identity and Access Administrator Associate (SC-300), CISSP, highly preferred.
We are an equal opportunity employer. All aspects of employment including the decision to hire, promote, discipline, or discharge, will be based on merit, competence, performance, and business needs. We do not discriminate on the basis of race, color, religion, marital status, age, national origin, ancestry, physical or mental disability, medical condition, pregnancy, genetic information, gender, sexual orientation, gender identity or expression, national origin, citizenship/ immigration status, veteran status, or any other status protected under federal, state, or local law.