Job Description:
Must-Have Skills and Experience:
Active Directory (AD) Expertise:
- Deep hands-on experience with Active Directory (AD) administration, particularly in directory structure management, users/groups/organizational units, and permissions.
- Familiarity with Active Directory Federation Services (ADFS) and managing hybrid environments.
Microsoft Entra (Azure AD):
- Strong understanding of Microsoft Entra (Azure Active Directory) and its associated services, such as conditional access, role-based access control, and identity governance.
- Proficient in configuring cloud-only identities, access reviews, security groups, and managing role-based access control (RBAC) in cloud environments.
Privileged Identity Management (PIM):
- Experience implementing Privileged Identity Management (PIM) within both Active Directory and Entra to enforce least-privilege access and scoped permissions.
- Knowledge of timeboxing and just-in-time (JIT) privileged access for sensitive roles.
Directory Services & Structure Management:
- Expertise in directory service management, including the creation of service principals, managing access to servers/workstations, and handling organizational unit (OU) and group management.
- Knowledge of cloud-only grouping and identity management practices in modern infrastructures.
General IAM Knowledge:
- A strong foundation in Identity and Access Management (IAM) principles, such as role-based access control (RBAC), IAM policies, authentication/authorization models, and access governance.
Nice-to-Have Skills:
AWS and Google Cloud Platform (GCP) IAM Services:
- Familiarity with IAM services and security in AWS and GCP, particularly around identity management, roles, and permissions.
- Ability to work in a multi-cloud environment and integrate Microsoft IAM services with other cloud providers (AWS, GCP).