Summary: The IAM Security Engineer IV role involves leading identity protection initiatives within a hybrid enterprise environment, focusing on Microsoft Entra ID (Azure AD) and implementing Zero Trust Identity frameworks. The position requires designing and automating identity architectures while ensuring compliance with security policies. The engineer will also monitor for identity-based threats and collaborate with various teams to enforce identity security. This is a 6-month contract-to-hire position that is fully remote.
Salary (Rate): undetermined
City: undetermined
Country: USA
Working Arrangements: remote
IR35 Status: outside IR35
Seniority Level: undetermined
Industry: IT
Role: IAM Security Engineer IV
Location: 100% Remote
Duration: 6-month contract-to-hire
Interview: MS-Teams/Webex/Video
Responsibilities:
We are looking for a Principal Security Engineer, Identity Security, to lead identity protection initiatives across our hybrid enterprise. This individual will be the technical owner of identity lifecycle security, focused on Microsoft Entra ID (Azure AD), RBAC, conditional access, and privileged access management. You will design and automate resilient identity architectures and lead the enforcement of least-privilege models and Zero Trust Identity frameworks.
Key Responsibilities:
- Architect and secure Microsoft Entra ID (Azure AD) across federated and hybrid environments with a focus on SSO, conditional access, and authentication flows.
- Lead the deployment of robust RBAC models, JIT access via PIM, and secure provisioning/deprovisioning workflows.
- Automate identity operations using PowerShell, Microsoft Graph API, and Terraform, with emphasis on reproducibility and scalability.
- Enforce identity governance and entitlement management policies across users, apps, and services using Microsoft Entra ID Governance.
- Design and lead implementation of adaptive MFA and passwordless authentication strategies.
- Monitor for identity-based threats including token abuse, account compromise, and privilege escalation.
- Lead identity security incident response and ensure compliance with internal and regulatory policies.
- Collaborate cross-functionally with security, engineering, and compliance teams to enforce identity security across the stack.
Qualifications:
- 5+ years of hands-on identity security engineering, with deep expertise in Microsoft Entra ID (Azure AD).
- Strong command of RBAC, PIM, conditional access, SAML, OIDC, OAuth2, and federated identity standards.
- Experienced in developing and deploying automation workflows using PowerShell scripting, Microsoft Graph API integration, and identity-focused Terraform modules.
- Advanced understanding of hybrid identity models, AD Connect, and synchronization configurations.
- Knowledge of Zero Trust principles, modern identity threat detection, and access governance.
- Certifications such as SC-300, CIST, CIMP, CIAM, CAMS, Azure Security, CISSP, or credentials with a specialization in Identity and Access Management are strongly preferred.