Apply Now

PAM Specialist (Entra ID)

Hybrid in Newark, NJ, US • Posted 2 hours ago • Updated 2 hours ago

Full Time

Hybrid

Depends on Experience

Fitment

Dice Job Match Score™

🔢 Crunching numbers...

Job Details

Skills

ADFS
API
CyberArk
OAuth
OIDC
NERC
SaaS
SSO
SAML
Windows PowerShell
PAM controls
Federated Identity
SailPoint
PAM
SAML 2.0
Microsoft Entra ID
Entra ID
security initiatives
OAuth 2.0
ZSP
JIT
FIDO2
NERC CIP
CIP
CIS
SOX
Python
Multi-factor Authentication
Sarbanes-Oxley
Authentication
Active Directory
PowerShell

Summary

Title: PAM Specialist (Entra ID)
Location: Newark, NJ (Hybrid)
Mode: Hybrid (onsite 2-3 days a week)

Responsibilities:

Integrate on-prem and SaaS apps with Microsoft Entra ID using SAML 2.0 and OIDC/OAuth 2.0 (enterprise, gallery, and custom apps)
Design and support secure SSO across cloud, hybrid, and federated identity environments
Manage Entra ID enterprise apps, app registrations, service principals, API permissions, and consent policies
Implement Conditional Access (MFA, risk-based, device-based, step-up authentication)
Assess legacy apps for SSO readiness and recommend modernization
Troubleshoot authentication/federation issues using Entra logs, audit logs, and token diagnostics
Configure and validate secure token settings (claims, redirect URIs, certificates, audience)
Collaborate with IAM, SailPoint, CyberArk, cloud, and app teams for identity modernization
Align authentication with identity lifecycle (provisioning/deprovisioning) and PAM controls (JIT, secrets, session isolation)
Define SSO standards and onboarding guidance for application teams
Support large-scale application onboarding and standardize integration processes/documentation
Drive identity security initiatives (passwordless, Zero Trust, SSO expansion, legacy migration)
Automate tasks using PowerShell, Python, and Microsoft Graph API

Qualifications:

Strong experience integrating applications with Microsoft Entra ID using SAML 2.0, OIDC, and OAuth 2.0
Expertise in SSO, federation, authentication patterns, and enterprise identity architecture
Hands-on with Conditional Access, app registrations, service principals, API permissions, and consent models
Experience with hybrid identity (Active Directory, Entra Connect) and lifecycle management with SailPoint integration
Skilled in troubleshooting authentication using Entra ID logs, token analysis, and sign-in diagnostics
Knowledge of secure token design, claims mapping, certificates, redirect URIs, and encryption standards
Experience with PAM solutions like CyberArk and privileged access integration (ZSP, JIT)
Familiar with passwordless authentication (FIDO2, Windows Hello, certificate-based auth) and Zero Trust principles
Basic automation/scripting using PowerShell, Python, and Microsoft Graph API
Experience supporting large-scale SSO onboarding (300 600+ apps) and enterprise app discovery
Familiar with compliance frameworks (SOX, NERC CIP, CIS)
Experience migrating from legacy IAM platforms (ADFS, Okta, Ping) to Microsoft Entra ID
Strong cross-functional collaboration, documentation, and stakeholder communication skills

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Dice Id: 10121335
Position Id: 8974159
Posted 2 hours ago

Create job alert

Never miss an opportunity! Create an alert based on the job you applied for.

New York, New York

•

Today

Teamwork makes the stream work. Roku is changing how the world watches TV Roku is the #1 TV streaming platform in the U.S., Canada, and Mexico, and we've set our sights on powering every television in the world. Roku pioneered streaming to the TV. Our mission is to be the TV streaming platform that connects the entire TV ecosystem. We connect consumers to the content they love, enable content publishers to build and monetize large audiences, and provide advertisers unique capabilities to engag

Full-time

USD 158,000.00 - 279,000.00 per year

Principal Cyber Security Engineer - Identity Access Management (Ping Suite)

Remote or New York, New York

•

Today

About Us: The people of Memorial Sloan Kettering Cancer Center (MSK) are united by a singular mission: ending cancer for life. Our specialized care teams provide personalized, compassionate, expert care to patients of all ages. Informed by basic research done at our Sloan Kettering Institute, scientists across MSK collaborate to conduct innovative translational and clinical research that is driving a revolution in our understanding of cancer as a disease and improving the ability to prevent, di

Full-time

USD 152,400.00 - 251,600.00 per year

Identity Security Engineer

Hybrid in New York, New York

•

30+d ago

Seeking a security architect with in depth understand of authentication, federation, and priviliged management domains. The right candidate will be able to contribute to Zero Trust Initiatives in terms of thinking through issues such as endpoint security and BYOD. The right candidate needs to be able to manage projects related to these domains and drive change in the organization to adapt secure access methods. What you''ll doReview identity configuration and access processes to ensure that acc

Easy Apply

Full-time

Depends on Experience

Engineering Manager - Identity & Access Management

New York, New York

•

Today

The mission of The New York Times is to seek the truth and help people understand the world. That means independent journalism is at the heart of all we do as a company. It's why we have a world-renowned newsroom that sends journalists to report on the ground from nearly 160 countries. It's why we focus deeply on how our readers will experience our journalism, from print to audio to a world-class digital and app destination. And it's why our business strategy centers on making journalism so good

Full-time

USD 165,000.00 - 180,000.00 per year

Search all similar jobs

PAM Specialist (Entra ID)

Dice Job Match Score™

Job Details

Skills

Summary

Similar Jobs