Overview
Full Time
Accepts corp to corp applications
Contract - W2
Contract - 12 Month(s)
Skills
Identity and Access Management
Active Directory
Project Management
Governance
Change Management
Oauth
Technical Support
Application Programming Interfaces (APIs)
Communication Skills
Infrastructure Management
Stakeholder Management
Automation
Architecture
Workflows
IT Service Management
Lifecycle Management
Administrative Operations
National Institute of Standards and Technology
PCI Data Security Standards
Security Controls
Sarbanes-Oxley Act (SOX) Compliance
Perseverance
Risk Assessment
Public Key Infrastructure
Security Assertion Markup Language (SAML)
Technical Skills
Kerberos (Protocol)
Public Key Certificates
Access Controls
Directory Service
Writing Documentation
Job Details
Role: IAM Architect 15+ Needed
Location: NYC Onsite
Scheduled Work Hours: Normal business hours Monday-Friday, 35 hours/week (not including mandatory unpaid meal break after 6 hours of work).
Projected Assignment Start Date:11/24/2025
Projected Assignment End Date:11/22/2026
Projected Assignment Start Date:11/24/2025
Projected Assignment End Date:11/22/2026
Job Description :
The Citywide Identity and PKI Modernization project. Infrastructure Resilience is undertaking a major transformation of its Identity Access Management ecosystem by consolidating disparate directories and modernizing Citywide PKI to align with industry best practices and regulatory demands.
SCOPE OF SERVICES:
Assess and develop a roadmap for Agency's disparate directories consolidation
Provide guidance and implementation support for integration with Entra and other IAM security enhancements
Architect and implement Citywide-level PKI modernization, including infrastructure changes for reduced certificate lifespans
Advice on governance, compliance, lifecycle management and automation of digital certificates
Lead migration planning, risk assessment, and mitigation for directories and PKI modernization
Perform technical knowledge transfer, upskilling internal teams on new infrastructure and practices
Advice on governance, compliance, lifecycle management and automation of digital certificates
Lead migration planning, risk assessment, and mitigation for directories and PKI modernization
Perform technical knowledge transfer, upskilling internal teams on new infrastructure and practices
TASKS:
PKI Architecture, Engineering, and Administrator 40%
Entra ID Architecture, Engineering, and Administrator 30%
Directory Architecture, Engineering, and Administrator 20%
IAM Level 3 Technical Support 10%
MANDATORY SKILLS/EXPERIENCE Note: Candidates who do not have the mandatory skills will not be considered.
Deep expertise in Active Directory (on-prem and hybrid), Entra ID, and eDirectory
13 years in IAM architect, engineering, administration, and operations with a focus on directory services and PKI
Hands-on experience in designing and operating Microsoft PKI, including certificate authority management, certificate lifecycle, and automation
Solid understanding of modern authentication/authorization protocols (OAuth, SAML, Kerberos, etc.)
Experience with security roadmap development, risk assessment, and compliance (NIST, ISO, SOX or PCI-DSS)
Strong documentation, communication, and stakeholder management skills
DESIRABLE SKILLS/EXPERIENCE:
Experience with cloud PKI services
Familiarity with Entra ID Governance, Conditional Access Policy, and modern security controls
Experience automating PKI workflows (API/script-based certificate management)
Multi-forest, multi-tenant IAM architecture expertise methodologies
Experience with cloud PKI services
Familiarity with Entra ID Governance, Conditional Access Policy, and modern security controls
Experience automating PKI workflows (API/script-based certificate management)
Multi-forest, multi-tenant IAM architecture expertise methodologies
SPECIAL REQUIREMENTS: N/A
Ability to work cross-functionally with technical and business stakeholders in a complex enterprise
A background check may be required for the selected candidate.
Working knowledge of enterprise ITSM, change management, and project management
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.