Overview
On Site
Depends on Experience
Contract - W2
Contract - 12 month(s)
No Travel Required
Skills
IAM
Azure
KQL
Microsoft 365
Kusto
O365
Job Details
Role : IAM Architect
Location : Remote
15 hours per week
Remote but must report onsite in Jackson, MS at least once per quarter
Only W2 no C2C
Job Description:
Scope of Work / Key Responsibilities
1. Identity and Access Management Architecture
Lead DOM’s migration from on-premises Active Directory to Microsoft Entra ID as the authoritative identity source.
Architect and maintain Zero Trust-based authentication and authorization models aligned with CMS MARS-E (or ARC-
AMPE) requirements.
Configure and manage SAML, OAuth, and OIDC integrations for enterprise and line-of-business applications.
Implement enterprise application provisioning and SCIM-based integrations within Entra ID.
Support Access Packages and Access Reviews to strengthen identity governance.
2. Lifecycle Automation and Integration
4. Scoring Method
Criteria Score Percentage Must equal 100%
Cost Score 35%
Resume Score 15%
Interview Score 50%
Develop and maintain PowerShell scripts and Logic Apps to automate identity lifecycle operations (joiners, movers,
leavers).
Extend automation for Workday–Entra ID integration to enable seamless onboarding and offboarding workflows.
Design and implement ServiceNow integration with Entra ID and Workday to achieve fully automated access
provisioning and deprovisioning.
Establish monitoring, exception handling, and logging for lifecycle workflows.
3. Device and Endpoint Management
Align device management with Entra ID Conditional Access and security posture standards.
4. Governance, Risk, and Compliance
Align all identity and access functions with HIPAA, MARS-E, and ARC-AMPE frameworks.
Support policy creation and implementation for identity governance, external identity management, and guest access
control.
Advise on least-privilege access models, periodic entitlement reviews, and compliance documentation.
Collaborate with DOM’s Information Security and Compliance teams to ensure audit readiness.
5. Cloud Service Modernization and Technical Leadership
Provide architectural direction for continued migration of email, file services, and endpoint management to Microsoft
365 / Azure.
Configure and secure line-of-business applications to leverage Entra ID for both AuthN and AuthZ.
Deliver technical workshops and architectural sessions to DOM staff to ensure skills transfer and sustainability.
Maintain alignment with Microsoft’s latest cloud identity and security best practices.
Required Skills/Experience
10+ years of experience designing and implementing Microsoft identity and security solutions for enterprise or public-
sector clients.
Proven ability to deliver and support large, complex migrations to O365 and Azure services.
Strong scripting and automation background (PowerShell, Logic Apps, Graph API).
Experience with Kusto Query Language (KQL).
Deep expertise with Workday, ServiceNow, Entra ID, Intune, and identity governance frameworks.
Demonstrated ability to engage effectively with both executive stakeholders and technical teams.
Experience ensuring compliance with HIPAA, MARS-E (or ARC-AMPE) standards.
Experience supporting GCC tenants.
Preferred Skills:
Current certifications demonstrating expertise in the administration of Microsoft Entra, Identity Governance, Azure,
M365, and Security.
Experience working with state government agencies, particularly Medicaid.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.