The Identity and Access Management (IAM) Engineer independently designs, implements, and operates secure, scalable identity services. This role supports the firm's IAM program across Entra ID, Active Directory, PAM, SSO/MFA, AWS Cloud Identity, and Certificate Lifecycle Management, partnering with Cybersecurity, IT, and HR teams.
Key Responsibilities
- Directory & Identity Management: Administer and optimize Microsoft Entra ID (Azure AD) and on-prem Active Directory (lifecycle management, role administration, directory hygiene).
- Authentication & Access: Implement and support SSO, MFA, Conditional Access, and federation protocols (SAML, OAuth, OIDC) for SaaS and on-prem apps.
- PAM & Governance: Support the Privileged Access Management (PAM) program (credential rotation, break-glass) and execute Joiner/Mover/Leaver (JML) identity governance workflows.
- Cloud & Certificates: Implement secure cloud identity solutions (AWS/Azure) and manage the internal/external certificate lifecycle.
- Automation & Operations: Automate IAM tasks via scripting, monitor systems for anomalies with Security teams, maintain runbooks, and participate in on-call rotations.
Requirements
- With more than 5 years of progressive IAM/authentication experience in an enterprise environment.
- Hands-on experience with Entra ID, Active Directory, SSO, MFA, and Conditional Access.
- Proficiency with SAML, OAuth, OpenID Connect, LDAP, and SCIM.
- Strong troubleshooting skills with the ability to communicate technical solutions to non-technical stakeholders; fluent English.stakeholders; fluent English.
- Degree in Computer Science, IT, or a related field.
- PowerShell scripting (or equivalent) for operational automation.
- Experience with AWS IAM, CrowdStrike Identity Protection, Tenable Identity Exposure, and SIEM solutions.
- Prior experience in law firms or professional services; certifications like CISSP, Azure, or AWS.
Application
Our specialist consultant Wendy will get in touch with you soon, if we find your profile suitable for this position or any other vacancies we are recruiting for.
