Senior Identity Access Management Engineer

• Lead enterprise-wide IAM standardization, including identity lifecycle, access governance, and policy enforcement across global regions.
• Drive automation across IAM to streamline administration and deliver a smoother user experience.
• Support enterprise applications onboarding into Azure Entra ID, including SSO, Conditional Access, and role-based access control (RBAC).
• Enhance privileged access management and implement scalable monitoring, alerting, and auditability solutions to support a secure, geographically distributed workforce.
• Collaborate with IT, Networking, and Security teams to troubleshoot identity-related issues and support global infrastructure initiatives.
• Advance Zero Trust Identity Fabric principles like continuous verification, least-privilege access, and identity-aware policy enforcement across users, devices, workloads, and non-human identities.
• Build identity automation with a DevOps mindset, writing scripts, developing pipelines, and engineering tooling from scratch rather than just configuring them.

• 8+ years of hands-on experience with identity and access management and automating cloud technologies, particularly within the Microsoft ecosystem.
• Strong analytical skills and attention to detail, with the ability to troubleshoot complex infrastructure and identity-related issues.
• Excellent communication skills, with the ability to clearly explain technical concepts to both technical and non-technical stakeholders.
• Deep experience with Microsoft Entra ID, including Conditional Access, Identity Governance, and Privileged Identity Management.
• Familiarity with Microsoft 365 services: Exchange Online, Defender, Purview, Sentinel, Intune, and related platforms.
• Automation and scripting skills using PowerShell, Azure CLI, and Microsoft Graph API
• working knowledge of Azure services such as Function Apps and Logic Apps.
• Experience in onboarding and managing enterprise applications in Azure Entra ID.
• Advanced knowledge of Azure Single Sign-On (SSO) login methods, including OAuth2, OpenID Connect, and SAML, and their integration with enterprise applications.
• Knowledge of privileged access tools (Azure PIM, CyberArk, etc), secrets management (HashiCorp or Azure Key Vault), and workload identity patterns SPIFEE & SPIRE.
• Familiarity with NHI governance concepts for service accounts and AI agents, and exposure to OPA / Rego or similar policy-as-code frameworks.
• Good to have familiarity with Microsoft Purview for DLP and data classification.
• Strong understanding of multi-factor authentication and FIDO2.
• Familiarity with IT security frameworks and compliance standards.
• Knowledge of logging, monitoring, and alerting practices for identity and access events.
• Basic understanding of email security and DNS.
• Experience with backup and recovery strategies for identity-related services.
• Understanding of Zero Trust Architecture principles.
• Familiarity with Jira and Confluence.
• B.S. in Computer Science, Information Technology, Engineering, or equivalent experience.

Familiarity with Microsoft Purview for DLP and data classification.

• Health insurance
• equity awards
• life insurance
• disability benefits
• parental leave
• wellness benefits
• paid time off
• global access to mental health and financial wellness support and resources
• healthcare (medical, dental, and vision)
• life
• accident
• disability
• commuter
• retirement options (401(k)/pension)