Identity and Access Management (IAMS) Solutions Architect

Note: 15 hours per week. Likely to extend past one year for a long term assignment. Remote but must report onsite in Jackson, MS at least once per quarter

Project Description and Job Skills Set:

• The Client seeks a part-time Identity and Access Management (IAM) Solutions Architect Consultant to continue and expand Department's modernization of identity, access, and device management services using Microsoft cloud technologies.
• This consultant will provide architectural guidance, technical implementation, and automation design to ensure a secure, compliant, and efficient identity platform based on Microsoft Entra ID, M365/O365, and Intune.
• The position is ideally suited for a senior-level professional, combining technical authority, business acumen, and delivery oversight across large-scale, public-sector modernization projects.

Scope of Work / Key Responsibilities

1. Identity and Access Management Architecture:

• Lead Department's migration from on-premises Active Directory to Microsoft Entra ID as the authoritative identity source. Architect and maintain Zero Trust-based authentication and authorization models aligned with CMS MARS-E (or ARCAMPE) requirements.
• Configure and manage SAML, OAuth, and OIDC integrations for enterprise and line-of-business applications.
• Implement enterprise application provisioning and SCIM-based integrations within Entra ID.
• Support Access Packages and Access Reviews to strengthen identity governance

1. Lifecycle Automation and Integration

• Develop and maintain PowerShell scripts and Logic Apps to automate identity lifecycle operations (joiners, movers, leavers).
• Extend automation for Workday Entra ID integration to enable seamless onboarding and offboarding workflows.
• Design and implement ServiceNow integration with Entra ID and Workday to achieve fully automated access provisioning and deprovisioning.
• Establish monitoring, exception handling, and logging for lifecycle workflows

1. Device and Endpoint Management

• Align device management with Entra ID Conditional Access and security posture standards

1. Governance, Risk, and Compliance

• Align all identity and access functions with HIPAA, MARS-E, and ARC-AMPE frameworks.
• Support policy creation and implementation for identity governance, external identity management, and guest access control.
• Advise on least-privilege access models, periodic entitlement reviews, and compliance documentation.
• Collaborate with DOM's Information Security and Compliance teams to ensure audit readiness.

1. Cloud Service Modernization and Technical Leadership

• Provide architectural direction for continued migration of email, file services, and endpoint management to Microsoft 365 / Azure.
• Configure and secure line-of-business applications to leverage Entra ID for both AuthN and AuthZ.
• Deliver technical workshops and architectural sessions to Department staff to ensure skills transfer and sustainability.
• Maintain alignment with Microsoft's latest cloud identity and security best practices.

Required Skills and Experience

• 10+ years of experience designing and implementing Microsoft identity and security solutions for enterprise or public- sector clients.
• Proven ability to deliver and support large, complex migrations to O365 and Azure services.
• Strong scripting and automation background (PowerShell, Logic Apps, Graph API).
• Experience with Kusto Query Language (KQL).
• Deep expertise with Workday, ServiceNow, Entra ID, Intune, and identity governance frameworks.
• Demonstrated ability to engage effectively with both executive stakeholders and technical teams.
• Experience ensuring compliance with HIPAA, MARS-E (or ARC-AMPE) standards.
• Experience supporting GCC tenants

Preferred (Not required)

• Current certifications demonstrating expertise in the administration of Microsoft Entra, Identity Governance, Azure, M365, and Security.
• Experience working with state government agencies, particularly Medicaid