IAM Engineer - IAMENGG 25-22058

Job Title: IAM Engineer
Duration: 9 Months
Location: Braintree, MA (Hybrid Three days onsite per week)

---

Summary:

A skilled Identity and Access Management (IAM) Engineer is needed to support the implementation, maintenance, and optimization of IAM infrastructure. This role focuses on securing and managing user access across systems using Microsoft Entra ID (Azure AD), Active Directory, and Single Sign-On (SSO) technologies. The IAM Engineer will ensure secure, scalable access while supporting business needs and maintaining compliance with industry security standards.

Ideal candidates will bring a strong technical background in IAM, a proactive approach to solving complex access issues, and a collaborative mindset to work across security, IT, and application teams.

---

Essential Functions:

< class="" data-start="950" data-end="997">IAM Implementation and Administration:</>

• Assist in designing, configuring, and managing IAM systems using Microsoft Entra ID, Active Directory, and SSO.

• Align IAM policies with business and security requirements.

< class="" data-start="1175" data-end="1214">Directory Services Management:</>

• Administer Active Directory environments including forests, domains, trusts, and replication models.

• Manage and optimize Entra ID features such as MFA, conditional access, and identity protection.

• Ensure directory services are secure, scalable, and highly available.

< class="" data-start="1489" data-end="1528">SSO Configuration and Support:</>

• Configure SSO using SAML, OAuth, and OpenID Connect.

• Integrate SSO with cloud and on-prem applications for seamless, secure authentication.

< class="" data-start="1674" data-end="1707">Security and Compliance:</>

• Apply role-based access control (RBAC), identity governance, and security best practices.

• Ensure compliance with regulations such as PCI, NIST, and 201 CMR 17.

• Perform regular risk assessments, security audits, and reviews.

< class="" data-start="1939" data-end="1978">Identity Lifecycle Management:</>

• Oversee provisioning, de-provisioning, and access review processes.

• Automate IAM workflows for improved security and efficiency.

< class="" data-start="2113" data-end="2148">Support and Collaboration:</>

• Troubleshoot IAM issues including SSO and directory integrations.

• Collaborate with cybersecurity, IT, and application teams.

• Advise on IAM best practices and strategy.

< class="" data-start="2324" data-end="2361">Documentation and Reporting:</>

• Maintain technical documentation of IAM systems and configurations.

• Report performance and issues to leadership and stakeholders.

---

Requirements:

• Ability to travel to various in-state office locations as needed.

• Availability to provide on-call support for critical IAM issues.

---

Preferred Qualifications:

• 5+ years of hands-on IAM experience, particularly with Microsoft Entra ID, Active Directory, and SSO.

• Strong expertise in SSO technologies (SAML, OAuth, OpenID Connect).

• Deep understanding of Active Directory architecture and security.

• Proficient in configuring MFA, conditional access, and identity protection mechanisms.

• Familiar with compliance frameworks like PCI, 201 CMR 17, and NIST.

• Experience in managing identity lifecycles and access controls.

• Relevant certifications preferred:

  • Microsoft Certified: Azure Solutions Architect Expert

  • CISSP

  • Certified Identity and Access Manager (CIAM)