Identity & Access Management Consultant/ Microsoft Enterprise Engineer- need NY/NJ locals

Title: Identity & Access Management Consultant/ Microsoft Enterprise Engineer

Position Type: Contract 12 months

Location: New York, NY

Hybrid Work

Description:

The following skillsets are required to support the agency's Microsoft enterprise environment across identity, collaboration, communication, security, and infrastructure. These capabilities are mission-critical for maintaining continuity of operations, enforcing compliance, and driving modernization.

Identity & Access Management

• Entra ID / Azure AD (hybrid identity design & operations)
• Conditional Access policy design and enforcement
• Multi-Factor Authentication (MFA) implementation & governance
• Role-Based Access Control (RBAC) and privileged identity management
• Federation services (ADFS, SSO) and identity lifecycle automation

Messaging & Collaboration

• Exchange hybrid deployments (on-prem + cloud mail flow, connectors, relays)
• Office 365 Exchange Online administration & troubleshooting
• Microsoft Teams voice, meetings, and collaboration governance
• SharePoint Online site administration, permissions, and compliance setup
• Power Platform (Power Automate, Power Apps) integrations for efficiency

Active Directory & Core Infrastructure

• Domain Controller deployment, hardening, and Tier-0 asset protection
• DNS, DHCP, and IP address management at enterprise scale
• PKI management (certificate services, trust hierarchy, smart card/credential issuance)
• Group Policy design, auditing, and optimization
• Secure delegation, OU design, and least-privilege enforcement

Endpoint & Device Management

• Intune configuration for Windows, iOS, and Android enrollment
• Workspace ONE (AirWatch) policy design, deployment, and troubleshooting
• Endpoint compliance baselines and Zero Trust enforcement
• Autopilot deployments, BitLocker management, and patch baselines
• Remote wipe, lost device recovery, and secure app management

Automation & Integration

• PowerShell scripting for identity, mailbox, and compliance automation
• Microsoft Graph API for custom reporting and workflows
• Azure Automation runbooks and scheduled tasking
• CI/CD pipelines for infrastructure-as-code (IaC) where applicable
• Automated compliance dashboards and alerting

Security, Compliance & Risk Mitigation

• Microsoft Purview: eDiscovery, retention, sensitivity labels, and DLP
• Insider risk management and audit readiness
• Data classification and regulatory compliance alignment (HIPAA, CJIS, etc.)
• Threat monitoring with Defender for Identity and M365 Security Suite
• Disaster recovery planning for Microsoft cloud and on-prem workloads

Strategic & Operational Value

• Cross-platform integration between on-prem and cloud systems
• Documentation, knowledge transfer, and staff enablement
• Modernization of legacy systems to align with cloud-first strategies
• Vendor engagement and escalation for high-priority incidents