The Identity and Access Management (IAM) Engineer, Principal focuses on IAM systems and integrations with applications and external partners. This role involves designing, implementing, optimizing, and supporting enterprise cloud and on-premises IAM environments and related security controls.

Job Responsibilities:

• Architect, administer, and support production Identity & Access Management solutions.
• Design, implement, and support Active Directory, Azure, and Entra ID.
• Implement and manage Entra ID Conditional Access Policies.
• Manage access controls to secure Azure services along with multiple subscriptions.
• Design and administer Single Sign-On across Active Directory Federated Service.
• Implement and administer Entra ID Enterprise Applications and App registrations.
• Implement and administer Amazon Web Services Roles and Policies.
• Implement and administer Amazon Web Service Permission Set.
• Prepare, document, and maintain operating procedures, incident response procedures, security standards, and troubleshooting guides.
• Participate in internal audits to provide requested information and evidence. Address and close findings in a timely fashion.

Required Skills & Qualifications:

• 7-10 years of progressive work experience as an IAM, cybersecurity, or cloud engineer.
• Bachelor’s degree in a relevant discipline such as MIS, CIS, or related technical degree, or equivalent professional experience.
• Demonstrated history of managing end-to-end migrations from legacy IAM solutions to modern, cloud-based solutions.
• Microsoft 365 and/or cloud security certifications are considered a plus.
• Experience managing a team of direct reports is desired but not required.
• Excellent verbal, written, and technical skills. Able to present highly technical information to varied audiences in an easily understood manner.
• Hands-on experience designing, implementing, operating, and troubleshooting complex IT security solutions in a dynamic work environment.
• Ability to work independently and as part of a team, transforming high-level requirements into well-documented, secure solutions.
• Extensive experience with Azure concepts, including Entra ID and M365.
• IAM experience working within Amazon Web Services.
• Experience with Terraform to create cloud resources in Azure and/or AWS.
• Expertise with the CA/Broadcom family of IAM solutions is desired but not required.
• Complete understanding of Authentication and Authorization concepts and process flow.
• Experience with ForgeRock IAM solutions is a plus.
• Experience with federation solutions such as ADFS and Entra ID is desired.
• Strong understanding of IAM technologies such as SAML, OAuth, and OIDC is required.
• Experience with data encryption technologies and digital certificate management.
• Experience with back-office products such as Windows, Linux, DHCP, DNS, Active Directory, RADIUS, IIS, Exchange, SQL Server, VMware ESX, and Windows networking.
• Experience partnering with third-party Managed Security Service Providers and Information Security providers.
• Experience with full-stack cloud solutions based upon AWS and Azure.

Legal Disclaimer: NJM is proud to be an equal opportunity employer. We are committed to attracting, retaining and promoting a diverse and inclusive workforce that is fully representative of the diversity that exists in the communities in which we do business.