Senior Identity & Access Management (IAM) Engineer

Remote • Posted 1 hour ago • Updated 1 hour ago
Contract W2
Contract Independent
12 Months
No Travel Required
Remote
Depends on Experience

Job Details

Skills

  • SailPoint
  • Microsoft Azure
  • Entra ID
  • BeyondTrust
  • Active Directory
  • LDAP
  • SAML
  • OAuth
  • IAM

Summary

Job Title: Senior Identity & Access Management (IAM) Engineer

100% Remote

2 rounds of virtual interviews.

1 year plus contract

 

MUST HAVE SAILPOINT AND BEYONDTRUST EXPERIENCE.

 


Role Overview

We are seeking a Senior IAM Engineer to architect, secure, and operate our enterprise identity infrastructure [1, 2]. This is a critical position focused on modernizing our hybrid identity footprint, enforcing zero-trust architecture, and securing privileged access. The ideal candidate possesses deep, hands-on engineering mastery across the Microsoft Entra ID suite, SailPoint Identity Governance, Active Directory, and BeyondTrust PAM [3, 4]. You will be responsible for eliminating identity risk, automating the Joiner-Mover-Leaver (JML) lifecycle, and providing high-confidence identity security across our healthcare and research networks [2].


Core Technical Stack

·  Identity Platforms: Microsoft Entra ID (Azure AD), Active Directory (AD) [3].

·  Identity Governance (IGA): SailPoint [3, 4].

·  Privileged Access Management (PAM): BeyondTrust [4].

·  Protocols & Standards: SAML, OIDC, OAuth 2.0, Kerberos, LDAP, KQL.


Key Responsibilities

 Microsoft Entra ID & Hybrid Identity Operations

·  Tenant & Core Identity: Maintain Entra ID tenant architecture, service accounts, directory roles, and emergency break-glass account governance.

·  Hybrid Identity & Synchronization: Manage Entra Connect and Cloud Sync topologies, resolve complex attribute authority matching issues, and monitor global synchronization health.

·  Groups & RBAC: Define enterprise security group standards, engineer dynamic assignment rules, and build scalable Role-Based Access Control (RBAC) and least-privilege authorization models.

 Authentication, Access Control & Application Identity

·  MFA & Passwordless: Design and enforce MFA policies, authentication methods, passwordless configurations (FIDO2, Temporary Access Pass/TAP), and manage exception architectures.

·  Conditional Access (CA): Architect and troubleshoot advanced, risk-based Conditional Access strategies tracking application, network, and device postures.

·  SSO & Application Integration: Own the full lifecycle of application registrations, enterprise apps, OAuth consent workflows, SAML/OIDC configurations, and token claims mapping.

 Privileged & Governance Controls (SailPoint & BeyondTrust)

·  Identity Governance (IGA): Partner to optimize automated SailPoint Joiner-Mover-Leaver (JML) lifecycle workflows, access packages, entitlement management, separation of duties (SoD), and user access reviews.

·  Privileged Access Management (PAM): Architect and configure BeyondTrust and Entra Privileged Identity Management (PIM) to enforce Just-In-Time (JIT) access, admin role approvals, and privileged session auditing.

·  External Identity (B2B): Enforce guest user lifecycle configurations, cross-tenant synchronization, external vendor access reviews, and naming standards.

 Identity Security, Compliance & Incident Response

·  Security Monitoring: Leverage Entra Identity Protection and Microsoft Sentinel integrations to proactively triage identity alerts and anomalies.

·  Compliance & Auditing: Respond to identity-centric incident escalations, gather evidence for regulatory audits, and author Standard Operating Procedures (SOPs).


Required Qualifications

·  Experience: 7+ years of dedicated Identity and Access Management (IAM) engineering experience within an enterprise environment.

·  Platform Mastery: Proven hands-on engineering experience configuring and maintaining Microsoft Entra ID (Azure AD) and on-premises Active Directory [3].

·  Governance Tools: Deep technical experience interacting with SailPoint for identity lifecycle automation and access governance [3, 4].

·  Privileged Infrastructure: Hands-on experience operating BeyondTrust or Entra PIM for privileged credential vaulting and session management [4].

·  Automation: Strong scripting capabilities (PowerShell, Microsoft Graph API) to automate administrative identity tasks.

·  Education: Bachelor’s degree in Computer Science, Information Security, or equivalent professional experience.

Preferred Certifications

·  Microsoft Certified: Identity and Access Administrator Associate (SC-300)

·  Microsoft Certified: Azure Administrator Associate (AZ-104)

·  Certified Information Systems Security Professional (CISSP)

·  SailPoint Certified IdentityNow/IdentityIQ Engineer or BeyondTrust Certified Engineer [4]

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
  • Dice Id: 10267472
  • Position Id: 8982928
Contact the job poster
Avinash Gupta


IT Recruiter @ Ace Technologies, Inc.