IAM Implementation Engineer (Microsoft Entra ID and CyberArk PAM)

New York, NY, US • Posted 6 hours ago • Updated 6 hours ago
Full Time
On-site
Depends on Experience
Fitment

Dice Job Match Score™

🔢 Crunching numbers...

Job Details

Skills

  • CyberArk PAM

Summary

Role: Sr. IAM Implementation Engineer (Microsoft Entra ID and CyberArk PAM)

Location: New York, NY 10017 (100% Onsite)

FTE Only

Role Summary

We are seeking a Senior / Principal IAM & PAM Implementation Engineer with deep handson experience in Microsoft Entra ID (Azure AD) and CyberArk Privileged Access Management, combined with AI / GenAI identity security exposure, to support financial services and highly regulated clients.

This role is executiondriven and operates in missioncritical environments where identity failures directly impact business continuity, regulatory compliance, and customer trust. The engineer will design, implement, and operate IAM and PAM controls aligned to Zero Trust principles, audit requirements, and financialindustry regulations.

Key Responsibilities

Identity & Access Management (Microsoft Entra ID / Azure AD)

  • Design and handson implement Microsoft Entra ID solutions in regulated, productioncritical environments
  • Design and enforce Conditional Access, MFA, passwordless authentication, and devicebased access
  • Integrate internal and thirdparty applications using SAML, OAuth 2.0, OIDC
  • Implement identity lifecycle (JML), RBAC, access reviews, and entitlement management
  • Maintain role-based access control (RBAC) aligned with leastprivilege principles.
  • Support IAM integrations with CyberArk PAM, DLP, and security platforms where applicable.
  • Troubleshoot complex signin, token, MFA, PRT, and policy enforcement issues with minimal user disruption

Privileged Access Management (CyberArk PAM)

  • Handson deployment and administration of CyberArk components: Vault, PSM, CPM, Secrets Management
  • Onboard privileged accounts across servers, databases, network, cloud, and service identities
  • Enforce leastprivilege, credential rotation, session recording, and approval workflows
  • Integrate CyberArk with Microsoft Entra ID for identitydriven privileged access.
  • Monitor privileged access activity and investigate suspicious or noncompliant usage.
  • Support PAM audits, regulatory reviews, and emergency access scenarios (breakglass)

AI / GenAI Identity Security

  • Implement identity and access controls for AI and GenAI platforms (e.g., Microsoft Copilot, enterprise AI workloads)
  • Secure:
    • AI service identities and service principals
    • API access and automation credentials
    • AI training and inference access pipelines
  • Align IAM, PAM controls with enterprise AI governance, model risk, and data protection standards

Governance, Compliance & Risk

  • Implement IAM and PAM controls aligned with Financialservices regulatory expectations and Internal risk & audit frameworks
  • Support audits and compliance reviews (e.g., access evidence, privileged access reports)
  • Design and maintain auditready documentation, including:
    • Architecture diagrams
    • Policy definitions
    • Access workflows and operational procedures
  • Participate in identityrelated incident response, RCA, and remediation activities

Delivery & Client Engagement

  • Lead IAM/PAM implementations from design through production rollout
  • Work closely with Security leadership, Risk & compliance teams, Application owners, Auditors and regulators (as required)
  • Provide clear, pragmatic recommendations balancing security, usability, and regulatory compliance
  • Act as a trusted technical advisor to clients in highstakes environments

Required Skills & Experience

Mandatory (Handson)

  • 8 15 years of IAM / Security engineering experience in regulated environments
  • Strong handson experience with:
    • Microsoft Entra ID (Azure AD)
    • CyberArk PAM (Vault, PSM, CPM, Secrets)
  • Conditional Access, MFA, Passwordless, RBAC
  • SAML, OAuth 2.0, OpenID Connect
  • Production troubleshooting in large enterprise environments

RegulatedIndustry Experience

  • Experience supporting financial services, banking, insurance, or similarly regulated clients
  • Exposure to audit, compliance, or risk workflows related to identity and privileged access
  • Comfort operating under strict change management and approval processes

Nice to Have

  • Identity Governance (PIM, Access Reviews)
  • SIEM integrations (Azure Sentinel, Splunk)
  • PowerShell / automation for IAM & PAM
  • Zero Trust architecture implementation experience

Soft Skills

  • Strong handson engineering mindset (not architectureonly).
  • Processdriven mindset with strong documentation discipline.
  • Pragmatic problemsolver with strong risk awareness
  • Excellent client communication and stakeholder management skills. Clear communication with technical and business stakeholders.
  • Ability to build longterm, trusted relationships.
  • Calm and methodical approach in highimpact production incidents. Ability to support incidents under pressure

Preferred Certifications

  • Microsoft SC300 / AZ104 / AZ900
  • CyberArk PAM certifications
  • Security or identityrelated certifications (preferred)
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
  • Dice Id: 10110007
  • Position Id: IAMENG
  • Posted 6 hours ago
Contact the job poster
LP

Lisa Paul

Recruiter @ Compugra Systems
Create job alert
Set job alertNever miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

New York, New York

Today

Full-time

USD 158,000.00 - 279,000.00 per year

New York, New York

26d ago

Full-time

USD 110,000.00 - 130,000.00 per year

New York, New York

Today

Full-time

USD 110,000.00 - 130,000.00 per year

New York, New York

6d ago

Full-time

Search all similar jobs