IAM Platform Administrator
Contract: 6 months with ongoing 6-month renewals
Hybrid: 3-4 days onsite
Local candidates only: Richmond, VA
No C2C candidates!
SUMMARY:
Seeking a seasoned and proactive IAM Platform Administrator to lead the design, integration, and operational support of an enterprise-wide Identity and Access Management (IAM) ecosystem. This role is critical in shaping and maintaining a secure, scalable identity architecture across hybrid environments spanning on-premises Active Directory, Microsoft Entra ID, and federated cloud services (Azure, AWS, M365, and more). Play a key role in implementing modern identity solutions, enabling seamless authentication, secure access, and governance aligned with zero trust principles.
KEY RESPONSIBILITIES:
In addition to other occasional tasks, the candidate's key responsibilities will be:
- Design and maintain identity architecture across on-premises AD, Microsoft Entra ID, and federated cloud platforms (Azure, AWS, M365).
- Implement and manage hybrid identity solutions, including seamless SSO, passwordless authentication, and conditional access policies.
- Automate identity lifecycle processes (provisioning, deprovisioning, role transitions) using PowerShell, Microsoft Graph, and Entra ID Governance.
- Integrate third-party applications with Entra ID using SAML, OAuth2, and OpenID Connect protocols.
- Monitor and troubleshoot authentication flows, device join states, token issuance (PRT), and MFA challenges.
- Administer and support IAM components including SSO, MFA, conditional access, and self-service password reset.
- Manage user lifecycle operations (Joiner-Mover-Leaver) across AD, Entra ID, and Okta, ensuring accurate role-based access.
- Provide production-level support for Active Directory infrastructure, including domain controllers, replication, trust relationships, and GPOs.
- Design and maintain automation scripts (PowerShell, Python, Bash) for bulk provisioning, reporting, and account cleanup.
- Collaborate with security and compliance teams to enforce least privilege, RBAC, and Just-in-Time access models.
- Monitor IAM systems for performance issues, outages, and anomalies, and respond swiftly to incidents.
- Collaborate with IT and helpdesk teams to resolve authentication and access-related issues.
- Document and maintain SOPs, escalation ladders, and architectural diagrams for identity services.
- Stay current on evolving identity threats, zero trust architecture, and Microsoft roadmap updates.
- Develop and deliver user training and support for IAM tools and workflows.
MINIMUM QUALIFICATIONS:
- 10+ years of hands-on experience in IAM, IT security, or infrastructure administration.
- Deep expertise in Microsoft Entra ID (Azure AD) and Okta, including hybrid identity, federation, and synchronization.
- Strong proficiency in Active Directory administration, including GPOs, replication, and domain controller management.
- Proven experience managing access via roles, groups, and entitlements across web, cloud, and service-based environments.
- Skilled in lifecycle operations: provisioning, updates, suspension, and de-provisioning of identities.
- Experience with IAM automation and scripting using PowerShell, Microsoft Graph, or similar tools.
- Strong troubleshooting skills across IAM components and authentication protocols.
- Demonstrated ability to detect and respond to IAM-related security incidents.
PREFERRED QUALIFICATIONS:
- Experience managing hybrid identity environments integrating on-prem AD with cloud IAM platforms.
- Certifications such as Security+, CISSP, Okta Certified Administrator, or Microsoft Entra Certified.
- Familiarity with federated identity protocols (SAML, OAuth2, OpenID Connect).
- Working knowledge of identity synchronization tools (e.g., Microsoft Entra Connect, Okta AD Agent).
- Hands-on experience with IAM migration projects from on-prem to cloud.
- Exposure to Identity Governance & Administration (IGA) and Privileged Access Management (PAM) solutions.
- Experience generating audit and compliance reports aligned with SOX, HIPAA, ISO 27001.
- Strong troubleshooting across multi-platform authentication (.NET, Java, cloud-native apps).
- Understanding of cloud and on-prem security best practices (Azure, AWS, Google Cloud Platform).