Need Senior Authentication Engineer // Remote // 12 Months Contract
Remote • Posted 1 hour ago • Updated 1 hour ago
Contract W2, Contract Independent
$40 - $90/hr


Prutech Solutions
Job Details
Skills
- Authentication
Summary
Hi,
Hope you are doing well,
Job Name: Senior Authentication Engineer Active Directory & Microsoft Entra ID
Job Location: VA99 Virginia Home Office (Remote)
Work schedule: EST 8-5, CST 8-5 or PST 8-5.
Job Description: Sallie Mae is seeking a Senior Authentication Engineer with deep expertise in Active Directory and Microsoft Entra ID (formerly Azure AD) to lead the design, modernization, and operations of a hybrid identity platform. This role will drive the migration from traditional Active Directory to Entra ID, retire legacy federations (e.g., ADFS), and convert GPO-based controls into modern Conditional Access and Intune policies. The ideal candidate combines technical leadership with hands-on engineering skills and thrives in large-scale, enterprise environments.
Core Responsibilities
Hybrid Identity Architecture & Management
Design, implement, and manage complex hybrid Active Directory and Microsoft Entra ID environments across on-premises and cloud.
Administer Domain Controllers (Windows Server), including AD Sites & Services, DNS, DHCP, time services, SYSVOL/DFSR, and FSMO roles.
Plan and execute domain lifecycle activities (consolidations, inter-forest migrations, decommissions).
Configure and optimize Entra ID for secure access, Conditional Access, identity governance (PIM, access reviews), workload identities, and application registrations.
Manage directory synchronization using Microsoft Entra Connect and Cloud Sync; maintain staging/DR patterns for continuity.
Lead the retirement of legacy identity platforms (e.g., ADFS) and transition to modern authentication (OAuth/OIDC, SAML).
Cloud, Virtualization & Networking
Operate and troubleshoot Windows workloads in AWS (including EC2, VPC, subnets, security groups, VPN/Direct Connect).
Design resilient identity topologies across data centers and cloud; implement and test AD forest/domain disaster recovery.
Collaborate with platform teams on IaaS/PaaS implementations; leverage Infrastructure as Code (Terraform or CloudFormation) as applicable.
Security & Compliance
Harden Domain Controllers and Windows baselines per CIS Benchmarks and organizational policies.
Translate legacy GPOs into cloud-based controls using Intune and Conditional Access.
Implement strong authentication (MFA/Passwordless/Biometrics, certificate-based auth) and privileged access patterns (Tiering, PAW, JIT/JEA, PIM).
Conduct security assessments, participate in audits, respond to incidents, and ensure compliance with frameworks (PCI, HIPAA, SOC 2, CJIS).
Drive LDAP modernization initiatives, including transitioning to secure LDAPS and coordinating with endpoint and application teams.
Operational Excellence & Automation
Serve as the senior escalation point for complex identity issues; drive root cause analysis and sustainable remediation.
Automate at scale using PowerShell and Microsoft Graph API.
Establish health monitoring and actionable alerting using native tools and SIEM (Google Chronicle, CloudWatch).
Maintain comprehensive documentation, SOPs, and disaster recovery playbooks.
Collaboration & Leadership
Partner with application owners to modernize SSO (SAML/OIDC/OAuth) and deprecate legacy auth flows.
Mentor engineers, lead design reviews, and participate in change management and risk assessments.
Support both workforce and customer identity scenarios; experience with PingOne is a plus.
Required Qualifications
Bachelor's degree in Computer Science, Information Systems, or equivalent experience.
7+ years in Identity and Access Management, including 5+ years as a Domain Administrator in large, multi-site AD environments.
Expertise in Domain Controller administration, AD Sites & Services, Windows DNS/DHCP, Kerberos/NTLM, and secure LDAPS.
Hands-on experience with Microsoft Entra ID at enterprise scale, including Conditional Access, PIM, and application integrations.
Proficiency with Entra Connect / Cloud Sync and troubleshooting synchronization/authentication flows.
Strong PowerShell and Microsoft Graph automation skills.
Experience operating Windows workloads in AWS/AMS and integrating cloud networking with on-prem identity services.
Proven track record executing AD → Entra ID migrations, ADFS decommissioning, and GPO-to-Intune conversions.
Strong understanding of authentication protocols (LDAP, Kerberos, SAML, OIDC) and Zero Trust principles.
Preferred Qualifications
Microsoft Certified: Identity and Access Administrator Associate (SC-300) or equivalent; additional certifications (AZ-104/305, SC-100) are a plus.
Experience with Microsoft Defender for Identity, Defender for Endpoint, and Google Chronicle.
Familiarity with modern access control models (RBAC/ABAC), SCIM provisioning, and workload identity management.
Experience with customer identity platforms (e.g., PingOne) and B2C/B2B collaboration.
Exposure to domain consolidation projects and AI/ML tools for IT operations.
Familiarity with Infoblox for DNS/DHCP/IPAM.
- Dice Id: 10117953
- Position Id: 8870755
Company Info
About Prutech Solutions
PruTech is an established Business Support and Information Technology consulting company with over 10 years' experience in successfully partnering with private and public sector organizations. We provide the best quality and value to our clients in various industries, which include Finance, Pharmaceutical, Healthcare, Retail and Government. We help our clients achieve tactical and strategic goals by working closely with them in the areas of IT Consulting & Staffing, Customized IT Solutions, Temporary Staffing and Offshore Development Services.
Since our inception in 1998, PruTech management has strived to provide innovative solutions and exceptional staff for numerous Business Support and IT projects. With our strong recruiting expertise and in-depth experience, our responsiveness to the clients' needs is comparable to the best in the industries we serve. We always exceed client expectations in finding the best qualified professionals within the time frame and budget specified for a task.