Eliassen Group
Eliassen Group

IAM/RBAC Engineer

Pittsburgh, PA, US • Posted 6 hours ago • Updated 6 hours ago
Contract W2
On-site
Company Branding Image
Fitment

Dice Job Match Score™

📋 Comparing job requirements...

Job Details

Skills

  • SAP BASIS
  • Life Insurance
  • Taxonomy
  • Virtual Private Network
  • Multi-factor Authentication
  • Smart Card
  • ProVision
  • SQL
  • Embedded Systems
  • Microsoft
  • PIM
  • JIT
  • Provisioning
  • RBAC
  • Microsoft Azure
  • Incident Management
  • Configuration Management
  • Policies and Procedures
  • Communication
  • Documentation
  • Technical Writing
  • Collaboration
  • Workflow
  • Design Patterns
  • Continuous Integration
  • Continuous Delivery
  • Management
  • Auditing
  • Access Control
  • Cloud Computing
  • Screening
  • Artificial Intelligence
  • Recruiting
  • Taxes
  • Insurance
  • Law
  • Management Consulting
  • Finance
  • Regulatory Compliance

Summary

Description:
Hybrid 4 in either Pittsburgh, PA, New York, NY or Lake Mary, FL

The organization seeks an IAM/RBAC Engineer to design, implement, and administer access controls in Microsoft Entra ID and Azure RBAC. The contractor will enforce least-privilege principles, govern privileged access with JIT and PIM, and strengthen authenticator management and secret hygiene. The role will also configure Azure-native monitoring and logging, maintain access governance documentation, and support audit readiness across identity and access controls.

Due to client requirements, applicants must be willing and able to work on a w2 basis. For our w2 consultants, we offer a great benefits package that includes Medical, Dental, and Vision benefits, 401k with company matching, and life insurance.

Rate: $84.00 to $94.00/hr. w2

Responsibilities:
  • Design and maintain an enterprise Azure RBAC role taxonomy and document role-to-permission mappings and changes.
  • Map permissions to roles and enforce least-privilege access via security groups and role assignments while prohibiting broad, direct privilege assignments.
  • Implement Just-in-Time workflows for elevated access with approvals and time-bound permissions using PIM.
  • Establish usage restrictions and configuration norms for VPN, jump hosts, and privileged sessions.
  • Define and oversee emergency access procedures, incident notification, and post-event review.
  • Configure MFA for privileged roles using strong authenticators such as smartcards or security keys.
  • Provision Azure AD administrator roles for services such as SQL where applicable.
  • Enforce managed identities for applications and reduce reliance on local service keys.
  • Ensure users safeguard issued authenticators and prevent unencrypted embedded static credentials in code, images, and configurations.
  • Author and maintain policies, standards, and operating procedures for access controls.
  • Conduct periodic access reviews and support audit evidence collection.
  • Maintain inventories of assets and data with baseline configurations aligned to configuration management practices.
  • Configure Azure-native monitoring and logging for identity and access events and route alerts to service owners and security teams.
  • Validate emergency access use through incident workflows and support audit readiness across access-related controls.

Experience Requirements:
  • Advanced knowledge of Microsoft Entra ID, Azure RBAC, security groups, PIM, and JIT access workflows.
  • Hands-on experience with Azure Policy and resource configurations, including enabling managed identities and provisioning Azure AD admin roles.
  • Ability to minimize local service key usage through centralized identity control.
  • Familiarity with Azure monitoring and logging capabilities and AAA concepts, including integration with approval workflow tools.
  • Demonstrated experience implementing least-privilege design at scale and articulating rationale for RBAC in Azure.
  • Proven capability to implement and govern remote and elevated access, emergency access processes, and related incident handling.
  • Competence in baseline configuration management and maintaining accurate asset and data inventories.
  • Ability to author and maintain IAM policies and procedures, perform access reviews, and support audit evidence and control test preparation.
  • Strong communication and documentation skills for technical writing and stakeholder coordination.
  • Experience integrating identity workflows with enterprise approval systems and ticketing or incident processes (preferred).
  • Exposure to application identity design patterns and CI/CD controls for secret management (preferred).
  • Background supporting audit readiness for access controls in cloud environments (preferred).


Recruitment Transparency Notice



Eliassen Group values transparency in our recruitment practices. Please be advised that Eliassen Group utilizes artificial intelligence (AI) tools as part of its initial application screening process. You may receive email and SMS notifications from the Eliassen Virtual Recruiting Team (, ) inviting you to complete a brief voice screening as part of your application process. These tools assist our hiring teams in different ways, including but not limited to, assistance in reviewing application materials to help identify candidates whose qualifications most closely match the requirements of the position. All AI-assisted evaluations and responses are reviewed by human recruiters before any hiring decisions are made. The use of AI in our process is intended to support fairness, efficiency, and consistency, and Eliassen Group takes measures to prevent bias or discrimination in connection with its hiring practices. By proceeding, you acknowledge, agree, and consent to Eliassen Group's use of these tools, including AI tools, as part of the application and hiring process.

Skills, experience, and other compensable factors will be considered when determining pay rate. The pay range provided in this posting reflects a W2 hourly rate; other employment options may be available that may result in pay outside of the provided range.

W2 employees of Eliassen Group who are regularly scheduled to work 30 or more hours per week are eligible for the following benefits: medical (choice of 3 plans), dental, vision, pre-tax accounts, other voluntary benefits including life and disability insurance, 401(k) with match, and sick time if required by law in the worked-in state/locality.
Please be advised- If anyone reaches out to you about an open position connected with Eliassen Group, please confirm that they have an Eliassen.com email address and never provide personal or financial information to anyone who is not clearly associated with Eliassen Group. If you have any indication of fraudulent activity, please contact .

About Eliassen Group:

Eliassen Group is a leading strategic consulting company for human-powered solutions. For over 30 years, Eliassen has helped thousands of companies reach further and achieve more with their technology solutions, financial, risk & compliance, and advisory solutions, and clinical solutions. With offices from coast to coast and throughout Europe, Eliassen provides a local community presence, balanced with international reach. Eliassen Group strives to positively impact the lives of their employees, clients, consultants, and the communities in which they operate.

Eliassen Group is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

Don't miss out on our referral program! If we hire a candidate that you refer us to then you can be eligible for a $1,000 referral check!

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
  • Dice Id: cxelisen
  • Position Id: a1WUQ000001Lk8v2AC
  • Posted 6 hours ago

Company Info

About Eliassen Group

Eliassen Group is a leading strategic consulting company that provides business and IT services for our clients as they seek to transform and execute strategies that will drive exceptional outcomes. Leveraging over 30 years of success, we focus on professional services, talent solutions, and life sciences. Eliassen Group offers local community presence and deep networks. We are committed to positively impacting the lives of our employees, clients, consultants, and the communities in which we operate.

Eliassen Group is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

Go to company profile
Create job alert
Set job alertNever miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

Senior Oracle DBA (Azure)

Pittsburgh, Pennsylvania

Today

Contract

Infrastructure Engineer

Pittsburgh, Pennsylvania

Today

Contract

Principal Azure Capacity Manager

Pittsburgh, Pennsylvania

Today

Contract

Senior Software Engineer

Pittsburgh, Pennsylvania

Today

Contract

Search all similar jobs