Hybrid Details: three days/week onsite
Duration: 6 months to start 

Position Overview:
The Identity and Access Management (IAM) Engineer will be responsible for implementing, managing, and maintaining the identity and access management infrastructure for the client.

• This role will focus on ensuring secure, efficient, and scalable access to digital resources while supporting business objectives and maintaining compliance with security standards.
• The IAM Engineer will work with Microsoft Entra ID (Azure AD), Active Directory, and Single Sign-On (SSO) technologies to enable secure user access and enforce the principle of least privilege across various platforms and applications.
• The ideal candidate will have a strong technical background in identity and access management and be able to support and troubleshoot complex IAM-related issues.

• Assist in designing, configuring, and managing the IAM framework using Microsoft Entra ID (Azure AD), Active Directory, and SSO technologies.
• Ensure alignment of IAM policies and processes with business and security requirements.

• Support the administration and maintenance of Active Directory forests, domains, trusts, and replication models.
• Manage and optimize Microsoft Entra ID services, including MFA, conditional access, and identity protection.
• Ensure high availability, scalability, and security of directory services.

• Configure and support SSO solutions using protocols like SAML, OAuth, and OpenID Connect.
• Integrate SSO with cloud and on-premises applications to provide seamless authentication and secure access.

• Enforce security best practices, including role-based access control (RBAC), access policies, and identity governance.
• Monitor and ensure compliance with relevant regulatory standards, such as PCI, NIST, and 201 CMR 17.
• Conduct regular risk assessments, security reviews, and audits to ensure a secure IAM environment.

• Manage user provisioning, de-provisioning, and access reviews across systems and applications.
• Automate and improve IAM workflows to enhance efficiency and security.

• Troubleshoot and resolve IAM-related issues, including SSO failures and directory integration issues.
• Work closely with cybersecurity, IT, and application teams to ensure seamless identity and access management.
• Provide technical guidance to other teams on IAM best practices.

• Develop and maintain technical documentation for IAM configurations and processes.
• Report IAM performance and issues to senior management and stakeholders.

• Must be able to travel to offices statewide and/or other locations, as required.
• Ability to provide on-call support for IAM issues during critical events.

• 5+ years of experience in Identity and Access Management (IAM) with a focus on Microsoft Entra ID (Azure AD), Active Directory, and SSO integration.
• Experience with SSO technologies including SAML, OAuth, and OpenID Connect.
• Strong understanding of Active Directory architecture, including forests, domains, trusts, and replication.
• Hands-on experience with MFA, conditional access policies, and identity protection.
• Familiarity with regulatory compliance frameworks such as PCI, 201 CMR 17, and NIST.
• Experience in identity lifecycle management, including provisioning, de-provisioning, and access reviews.
• Strong problem-solving and troubleshooting skills with IAM systems.
• Relevant certifications such as Microsoft Certified: Azure Solutions Architect Expert, CISSP, or Certified Identity and Access Manager (CIAM) preferred.