Identity Engineer (Windows Hello for Business)

Alpharetta, GA, US • Posted 22 days ago • Updated 22 days ago

Contract Independent

Contract Corp To Corp

Contract W2

No Travel Required

Able to Sponsor

On-site

$60 - $70/hr

Fitment

Dice Job Match Score™

🔢 Crunching numbers...

Job Details

Skills

Total Productive Maintenance
Provisioning
Recovery
Regulatory Compliance
Migration
Multi-factor Authentication
NIST 800-53
Kerberos
Management
Microsoft
Microsoft Windows
High-level Design
ISO/IEC 27001:2005
IT Management
Communication
Documentation
Help Desk
Business Requirements Gathering
Cloud Computing
TPM
PKI
Reporting
Risk Management
SSO
Smart Card
Analytics
Auditing
Authentication
Backup
ADFS
AIA
Acceptance Testing
Active Directory
GPO
Training
User Experience
VDI
Workflow

Summary

Job Details:

Job Title: Identity Engineer (Windows Hello for Business)

Duration: Long-Term Contract

Location: Alpharetta, GA || Hybrid

Job Description:

The IAM Engineer– Passwordless & WHfB will lead the design and implementation of modern authentication solutions across the enterprise.
This role focuses on assessing the current identity landscape, architecting Windows Hello for Business and passwordless strategies, integrating with Microsoft Entra ID and Intune, and guiding large‐scale rollout and operational readiness.
The architect will ensure security, compliance, and user experience are optimized while providing clear documentation, technical leadership, and cross-team enablement.

Architecture & Design

Assess current identity and authentication posture (password policies, MFA, PKI, hybrid join, device management).
Recommend the appropriate Windows Hello for Business (WHfB) trust model (Cloud Kerberos, Hybrid Key, Hybrid Certificate) and define migration paths.
Design integrations with Microsoft Entra ID, Active Directory, Intune, Conditional Access, Identity Protection, and Defender for Endpoint.
Define device provisioning and compliance requirements (Autopilot, VDI, TPM, HSTI) and establish backup/recovery strategies.

Implementation & Rollout

Configure WHfB policies (Intune/GPO), Authentication Methods, and Conditional Access for passwordless authentication.
Implement or integrate PKI components, certificate templates, CRLs/AIA, and support smart card migration/ADFS deprecation where needed.
Run pilots, evaluate results, and manage phased rollouts across regions and device types.
Validate SSO/Kerberos flows to on‐prem resources and establish monitoring via Entra logs, Intune reporting, and Log Analytics.

Troubleshooting & Operations

Build runbooks, break‐glass steps, and tiered support workflows.
Diagnose WHfB issues (TPM/attestation, PIN reset, dsregcmd, trust model anomalies).
Optimize user experience, authentication performance, and fallback MFA posture.

Security & Compliance

Align solutions with NIST 800‐63/800‐53, ISO 27001, and phishing‐resistant authentication best practices.
Ensure IAM policies meet governance, audit, and risk‐mitigation requirements.

Documentation & Enablement

Produce HLD/LLD documentation, migration plans, test/UAT guides, and support FAQs.
Deliver training and communication materials for admins, helpdesk teams, and end users.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Dice Id: 70000132
Position Id: 26-00123
Posted 22 days ago

Create job alert

Never miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

IAM Consultant

Atlanta, Georgia

•

6d ago

Job Description: IAM Consultant Location: Alpharetta, GA The IAM Engineer Passwordless & WHfB will lead the design and implementation of modern authentication solutions across the enterprise. This role focuses on assessing the current identity landscape, architecting Windows Hello for Business and passwordless strategies, integrating with Microsoft Entra ID and Intune, and guiding large scale rollout and operational readiness. The architect will ensure security, compliance, and user experience

Easy Apply

Third Party

$DOE

Identity Engineer- Directory Services

Georgia

•

7d ago

Position : Identity Engineer- Directory Services Location : Atlanta, GA OR Windsor, CT (Hybrid) Job Type: Contract Job Description: The Directory Services / Identity Engineer will lead the technical efforts to migrate client domain users, applications, and infrastructure into the client enterprise domain (DSGLOBAL). This role focuses on designing, implementing, and troubleshooting Active Directory (AD), Microsoft Entra ID (formerly Azure AD), and identity integrations to ensure a secure and s

Easy Apply

Third Party

Senior Software Engineer - Windows Debugging

Atlanta, Georgia

•

Today

Overview We are looking to expand our team of Software Engineers (SWEs), that enables the success of Microsoft solutions for our Commercial & Enterprise customers. The Senior Software Engineer - Windows Debugging will be responsible for solving complex problems and ensuring the functionality of our products whilst maintaining customer satisfaction. As a technical leader, you will have many opportunities to assist in the growth of your colleagues through one-on-one mentoring, one-to-many educati

Full-time

USD 119,800.00 - 234,700.00 per year

Cybersecurity Senior Engineer - IAM Identity Services

Atlanta, Georgia

•

Today

The position is described below. If you want to apply, click the Apply Now button at the top or bottom of this page. After you click Apply Now and complete your application, you'll be invited to create a profile, which will let you see your application status and any communications. If you already have a profile with us, you can log in to check status. Need Help? If you have a disability and need assistance with the application, you can request a reasonable accommodation. Send an email to Acce

Full-time

Search all similar jobs