Apply Now

IAM/RBAC Engineer

New York, NY, US • Posted 1 day ago • Updated 12 hours ago

Contract W2

On-site

Eliassen Group

Fitment

Dice Job Match Score™

🛠️ Calibrating flux capacitors...

Job Details

Skills

Remote Access
Life Insurance
Taxonomy
Virtual Private Network
Management
Multi-factor Authentication
Smart Card
ProVision
SQL
Microsoft
PIM
JIT
Workflow
Provisioning
Configuration Management
Inventory
Microsoft Azure
RBAC
Policies and Procedures
Effective Communication
Documentation
Technical Writing
Collaboration
Issue Tracking
Continuous Integration
Continuous Delivery
Auditing
Cloud Computing
Access Control
Screening
Artificial Intelligence
Recruiting
Taxes
Insurance
Law
Communication
Gmail
Routing
Management Consulting
Life Sciences
SAP BASIS
Military

Summary

Description:
Hybrid 4 days onsite in either New York, NY or Pitt, PA or Lake Mary, FL

Our client seeks an IAM/RBAC Engineer to design, implement, and administer access controls in Microsoft Entra ID and Azure RBAC. The contractor will enforce least-privilege, govern privileged and remote access, strengthen authenticator management, and maintain audit-ready documentation and monitoring across Azure environments.

This is a contract to hire opportunity. Applicants must be willing and able to work on a w2 basis and convert to FTE following contract duration. For our w2 consultants, we offer a great benefits package that includes Medical, Dental, and Vision benefits, 401k with company matching, and life insurance.

Rate: $82.00 to $92.00/hr. w2

Responsibilities:

Define and maintain an enterprise Azure RBAC role taxonomy and document role-to-permission mappings.
Map permissions to roles and enforce least-privilege via security groups and scoped role assignments.
Eliminate broad direct privilege assignments and track changes to access models.
Implement PIM and JIT workflows for elevated access with approvals and time-bound permissions.
Establish standards for VPN, jump hosts, and privileged session configurations and restrictions.
Define and manage emergency access procedures with incident notification and post-event review.
Configure MFA for privileged roles using strong authenticators such as smartcards or security keys.
Provision Azure AD administrator roles for applicable services, including SQL.
Enforce managed identities for applications and reduce reliance on local service keys.
Prevent unencrypted static credentials in code and enforce secret hygiene standards.
Author and maintain IAM policies, standards, and operating procedures.
Conduct periodic access reviews and support audit evidence collection.
Maintain asset and data inventories and baseline configurations aligned with configuration management.
Configure Azure-native monitoring and logging for identity and access events.
Route alerts to service owners and security teams and support audit readiness.

Experience Requirements:

Advanced knowledge of Microsoft Entra ID, Azure RBAC, security groups, PIM, and JIT access workflows.
Hands-on experience with Azure Policy, managed identities, and Azure AD admin role provisioning.
Familiarity with Azure monitoring and logging and AAA concepts.
Strong understanding of least-privilege design and access control best practices in Azure.
Competence in baseline configuration management and accurate inventory maintenance.
Experience implementing least-privilege at scale and articulating Azure RBAC rationale.
Ability to author IAM policies and procedures, perform access reviews, and support audits.
Proven capability governing remote and elevated access and emergency access processes.
Effective communication and documentation skills for technical writing and stakeholder coordination.
Ability to collaborate with engineering, security, and operations teams for compliant access practices.
Nice-to-have: Integration with approval systems and ticketing, application identity patterns and CI/CD secret controls, and audit readiness for cloud access controls.

Recruitment Transparency Notice

Eliassen Group values transparency in our recruitment practices. Please be advised that Eliassen Group utilizes artificial intelligence (AI) tools as part of its initial application screening and hiring process. You may receive email and SMS notifications from the Eliassen Virtual Recruiting Team (, ) inviting you to complete a brief voice screening as part of your application process. These tools assist our hiring teams in different ways, including but not limited to, assistance in reviewing application materials to help identify candidates whose qualifications most closely match the requirements of the position. All AI-assisted evaluations and responses are reviewed by human recruiters before any hiring decisions are made. The use of AI in our process is intended to support fairness, efficiency, and consistency, and Eliassen Group takes measures to prevent bias or discrimination in connection with its hiring practices. By proceeding, you acknowledge, agree, and consent to Eliassen Group's use of these tools, including AI tools, as part of the application and hiring process.

Skills, experience, and other compensable factors will be considered when determining pay rate. The pay range provided in this posting reflects a W2 hourly rate; other employment options may be available that may result in pay outside of the provided range.

W2 employees of Eliassen Group who are regularly scheduled to work 30 or more hours per week are eligible for the following benefits: medical (choice of 3 plans), dental, vision, pre-tax accounts, other voluntary benefits including life and disability insurance, 401(k) with match, and sick time if required by law in the worked-in state/locality.
If anyone reaches out to you about an open position connected with Eliassen Group, please ensure that you are working directly with us by confirming the following:

When you work with Eliassen Group, all email communication will come from an Eliassen.com address, never Gmail, Yahoo, etc.

Eliassen Group will never ask you for personal information (home address, bank account, or check routing number) until you have worked with someone clearly associated with Eliassen Group.

If you have any indication of fraudulent activity, please contact .

About Eliassen Group:

Eliassen Group is a strategic consulting firm that helps organizations reach further and achieve more through our technology, business advisory, and life sciences solutions. For nearly 40 years, we have combined exceptional people, deep domain expertise, and intelligent capabilities to expand our clients' capacity and accelerate meaningful outcomes. We are driven by a purpose to positively impact the lives of our employees, clients, consultants, and the communities we serve.

Eliassen is committed to building a diverse and inclusive team from a variety of backgrounds, perspectives, and skills. We are an Equal Opportunity and Affirmative Action Employer and all employment decisions are based on merit, performance, and business needs. Eliassen does not discriminate on the basis of race, color, gender identity or expression, sexual preference or orientation, sex (including pregnancy, childbirth, and related medical conditions), marital status, creed, religion, physical or mental disability, genetic information, military or veteran status, age, ancestry, national origin, citizenship status, prohibited criminal record inquiries of applicants and employees, or any other category protected by federal, state, or local laws.

Don't miss out on our referral program! If we hire a candidate that you refer us to then you can be eligible for a $1,000 referral check!

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Dice Id: cxelisen
Position Id: a1WUQ000001gjOL2AY
Posted 1 day ago

Company Info

About Eliassen Group

Eliassen Group is a leading strategic consulting company that provides business and IT services for our clients as they seek to transform and execute strategies that will drive exceptional outcomes. Leveraging over 30 years of success, we focus on professional services, talent solutions, and life sciences. Eliassen Group offers local community presence and deep networks. We are committed to positively impacting the lives of our employees, clients, consultants, and the communities in which we operate.

Eliassen Group is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

Go to company profile

Create job alert

Never miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

Product Owner

New York, New York

•

Today

Description: Hybrid 3 days per week in New York, NY Our client seeks a Product Owner to translate user and stakeholder needs into clear features and delivery plans. The role will engage with business, design, and engineering partners to define requirements, maintain roadmaps, and communicate progress. The Product Owner will validate opportunities, prioritize work, and ensure successful outcomes through Agile practices. We can facilitate w2 and corp-to-corp consultants. For our w2 consultants,

Contract

Project Manager (AdTech)

New York, New York

•

Today

Description: Hybrid 1 day a week onsite in New York, NY Our client seeks a Project Manager for Global Technology Operations to plan and organize activities across product and engineering initiatives. The role will coordinate cross-functional teams, manage scope, risks, and dependencies, and drive delivery of MVPs and project milestones. The Project Manager will produce detailed plans, status reporting, and stakeholder communications within a media and advertising technology context. Due to cl

Contract

Lead Privileged Access Management (PAM) Engineer

Washington, District of Columbia

•

Today

Description: Hybrid 2 Days Onsite/3 Days Remote in Washington, DC Our client seeks a Lead Privileged Access Management (PAM) Engineer to design, implement, and operate enterprise PAM solutions across a complex federal hybrid cloud environment. The role manages privileged identities, enforces access controls, and ensures secure access across cloud and on-prem systems. The position requires deep hands-on experience with CyberArk and modern identity platforms, with the ability to integrate PAM in

Contract

Tactical Network - Engineer

Aberdeen Proving Ground, Maryland

•

Today

Description: On-site in Aberdeen Proving Ground, MD Our client seeks a Field Tactical Network Engineer to serve as a subject matter expert for Program Manager C2 Transport supporting PdM Network Modernization across At-the-Halt, On-the-Move, and SATCOM networks. The engineer will configure, validate, and test tactical network systems, lead coordination across engineering teams, and provide systems engineering oversight for SATCOM, baseband networking, and software development. The role include

Contract

Search all similar jobs

More jobs at Eliassen Group in New York, NY