Job description:
Position Summary
The IAM Engineer will implement, manage, and maintain the identity and access management infrastructure. The role ensures secure, efficient, and scalable access to digital resources while supporting business objectives and maintaining compliance with security standards.
Key Responsibilities
IAM Implementation and Administration
Design, configure, and manage IAM framework using Microsoft Entra ID (Azure AD), Active Directory, and SSO technologies.
Align IAM policies with business and security requirements.
Active Directory and Entra ID Management
Administer and maintain AD forests, domains, trusts, and replication.
Manage Entra ID services including MFA, conditional access, and identity protection.
Ensure high availability and security of directory services.
SSO Configuration and Support
Configure and support SSO using SAML, OAuth, and OpenID Connect.
Integrate SSO with cloud and on-prem applications.
Security and Compliance
Enforce RBAC, access policies, and identity governance.
Ensure compliance with PCI, NIST, and 201 CMR 17.
Conduct risk assessments, security reviews, and audits.
Identity Lifecycle Management
Manage provisioning, de-provisioning, and access reviews.
Automate IAM workflows for efficiency and security.
Technical Support and Collaboration
Troubleshoot IAM issues including SSO and directory integration.
Collaborate with cybersecurity, IT, and application teams.
Provide IAM best practice guidance.
Documentation and Reporting
Maintain technical documentation.
Report IAM performance and issues to stakeholders.
Requirements
Must be able to travel to Lottery offices statewide as needed.
Ability to provide on-call support during critical IAM events.
Preferred Qualifications
5+ years of IAM experience with Microsoft Entra ID (Azure AD), Active Directory, and SSO.
Experience with SAML, OAuth, and OpenID Connect.
Strong understanding of AD architecture (forests, domains, trusts, replication).
Experience with MFA, conditional access, and identity protection.
Familiarity with PCI, 201 CMR 17, and NIST compliance.
Experience in identity lifecycle management.
Strong troubleshooting skills.