Active Directory / Entra ID / IAM Engineer

Jersey City, NJ, US • Posted 1 hour ago • Updated 1 hour ago
Contract W2
On-site
$70-80/hr
Fitment

Dice Job Match Score™

👤 Reviewing your profile...

Job Details

Skills

  • Jersey
  • Cloud Computing
  • Identity Management
  • SSO
  • SAML
  • OIDC
  • OAuth
  • Access Control
  • Enterprise Software
  • Onboarding
  • Authorization
  • Provisioning
  • Security Policy
  • Server Message Block
  • SMB
  • Auditing
  • Regulatory Compliance
  • Nessus
  • Cyber Security
  • Documentation
  • Solaris
  • Workflow
  • Microsoft Windows
  • Incident Management
  • Management
  • Kerberos
  • Authentication
  • Dragon NaturallySpeaking
  • DNS
  • GPO
  • Replication
  • Hardening
  • Multi-factor Authentication
  • PIM
  • High Availability
  • Failover
  • Active Directory
  • PKI
  • LDAP
  • Use Cases
  • Domain Controllers
  • SailPoint
  • CyberArk
  • Windows PowerShell
  • Python
  • Microsoft
  • API
  • SIEM
  • Splunk
  • Log Analysis
  • Dashboard

Summary

Responsibilities
Active Directory / Entra ID / IAM Engineer

Location: NYC, Jersey City, or Pittsburgh (2-3 days onsite)

Duration: 12-month engagement

Role Overview
We are seeking an experienced Active Directory / Entra ID / IAM Engineer to support enterprise identity and access management services across production environments. This role is focused on maintaining and enhancing on-premises and cloud-based identity infrastructure, with deep emphasis on Active Directory, Microsoft Entra ID, hybrid identity operations, authentication services, and privileged access controls.

Key Responsibilities
Provide day-to-day engineering and operational support for enterprise Active Directory and Entra ID environments supporting large-scale global user populations.

Administer, harden, and support on-premises Active Directory infrastructure including domain controller build and maintenance, DNS (SRV records), LDAP, Kerberos, NTLM, GPO, OU structure, replication, and directory health.

Support Microsoft Entra ID administration including Conditional Access, MFA, Identity Protection, Privileged Identity Management (PIM), app registrations, and service principal governance.

Maintain and support hybrid identity environments including AD Connect configuration, sync operations, failover between data center instances, and PowerShell-based sync troubleshooting.

Administer PKI infrastructure including certificate authority management, certificate lifecycle, LDAP signing, and certificate installation on domain controllers and services.

Support authentication and access solutions including SSO, federation (SAML, OIDC, OAuth2), MFA, and privileged access controls.

Perform enterprise application onboarding and integration with identity platforms; troubleshoot authentication, authorization, and provisioning issues.

Execute platform hardening aligned with Microsoft cumulative hardening guidance and enterprise security policy including SMB signing, LDAP signing, Kerberos enforcement, and legacy protocol disablement.

Support audit, compliance, and vulnerability remediation activities; respond to security findings from scanning tools such as Rapid7, Nessus, or CrowdStrike.

Partner with infrastructure, cybersecurity, and application teams to deliver identity-related changes and service improvements.

Develop and maintain runbooks, operational documentation, and support procedures; train follow-the-sun operations teams on repeatable workflows.

Participate in on-call rotations, after-hours change windows, and incident response including major incident bridge management.

Use PowerShell, Python, and Microsoft Graph / Entra APIs to automate operational tasks and improve efficiency.

Required Skills & Experience
8+ years of hands-on experience administering and supporting enterprise Active Directory including building, hardening, and directly owning domain controllers.
Knowledge of AD fundamentals: Kerberos and NTLM authentication protocols, DNS (SRV records), LDAP and LDAP signing, GPO design, replication, forest/domain architecture, and DC security hardening.
Strong experience with Microsoft Entra ID including Conditional Access, MFA, Identity Protection, PIM, app registrations, and service principal governance.
Hands-on experience with AD Connect in high-availability configurations including multi-data-center failover, sync troubleshooting, and PowerShell-based sync commands.
Experience supporting hybrid identity environments across on-premises Active Directory and Microsoft Entra ID.
Working knowledge of PKI infrastructure including certificate authority administration, LDAP signing, and certificate use cases on domain controllers.
Experience with IAM and PAM platforms such as SailPoint, Okta, and CyberArk.
Proficiency in PowerShell; Python and Microsoft Graph API experience preferred.
Experience with enterprise SIEM platforms (Splunk preferred) for log analysis, dashboard use, and incident triage.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
  • Dice Id: cxbcsi
  • Position Id: Job44756
  • Posted 1 hour ago
Create job alert
Set job alertNever miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

Hybrid in New York, New York

Today

Easy Apply

Contract

Depends on Experience

Jersey City, New Jersey

Today

Contract

75-87/hr

New York, New York

Today

Full-time

USD 158,000.00 - 279,000.00 per year

Parsippany-Troy Hills, New Jersey

Today

Full-time

USD 108,000.00 - 130,000.00 per year

Search all similar jobs