[Remote] Senior Systems Engineer Identity Access Management - Fully Remote
Note: This is a remote job open to candidates in the USA. NMDP is a leader in providing identity and access management solutions and is seeking a Senior Systems Engineer to provide technical leadership in Identity & Access Management and IT Productivity & Collaboration services. The role involves designing, implementing, and administering identity governance and enterprise identity services, ensuring secure and reliable operations across various platforms.
Responsibilities
- Design, implement, and maintain IAM/IGA capabilities (directory services, SSO/federation, and privileged access) using Okta, Active Directory, and Microsoft Entra to deliver secure, reliable access
- Lead discovery and solution delivery for IAM initiatives (requirements, design, build, testing, and rollout); evaluate options and recommend best-fit approaches with internal teams and vendors
- Automate identity lifecycle (joiner/mover/leaver; provisioning/deprovisioning) and related administration using scripting and modern tooling to reduce manual effort and risk
- Define and enforce access governance (RBAC/ABAC), policies, workflows, and secure access patterns (SSO/MFA/conditional access alignment and least-privilege role design), including periodic access reviews
- Support security and compliance by remediating identity-related vulnerabilities and supporting audits, penetration tests, and access reviews with evidence, reporting, and corrective actions
- Onboard and integrate applications and platforms (SaaS and Microsoft 365) using standards-based connectors/integrations; partner with application owners to validate requirements, data flows, and security controls
- Own and administer Microsoft 365 and collaboration services (Teams, SharePoint/OneDrive, Exchange Online) and adjacent SaaS tools, including hybrid identity/access integrations and roadmap execution
- Operate and improve services through monitoring, dashboards/alerts, incident and problem management (RCA/post-incident reviews), and on-call participation; troubleshoot authentication/authorization/provisioning issues to restore service
- Plan, test, and deliver changes using NMDP change management and ITSM practices; validate outcomes and transition to steady-state support
- Create and maintain documentation and enablement (standards, runbooks, procedures, and knowledge articles); support tiered support and knowledge transfer with Service Desk/L2
- Support privileged access practices using approved vaulting and secrets management (e.g., Delinea Secret Server) for administrative accounts, service accounts, and automation credentials
- Partner with Procurement/Vendor Management on renewals, licensing optimization, and vendor escalations; identify cost-saving opportunities through usage analysis and right-sizing
- Evaluate and adopt new features and products (including collaboration AI capabilities) via pilots, guardrails, and measured rollouts
- Other duties as assigned
Skills
- Knowledge of IAM/IGA concepts and practices, including identity lifecycle (joiner/mover/leaver), provisioning/deprovisioning, and access recertification
- Knowledge of identity standards and protocols (SAML, OAuth/OIDC, SCIM) and how they are used for SSO/federation and application integrations
- Knowledge of Okta, Active Directory, and Microsoft Entra ID administration and configuration concepts (tenant/directory structure, groups, app assignments, conditional access/access policies)
- Knowledge of privileged access management principles and controls (least privilege, role-based access, privileged roles/accounts, access request/approval workflows)
- Knowledge of security and compliance practices related to identity services, including logging/monitoring, vulnerability remediation, audit evidence collection, and access reviews
- Knowledge of enterprise IT operations practices (incident/problem management, change control) and creating/supporting technical documentation such as procedures and runbooks
- Ability to demonstrate strong interpersonal and organizational skills, with demonstrated success in working both independently and in a team environment
- Ability to demonstrate above-average written and oral communication skills
- Ability to demonstrate strong analytical and creative problem solving, and the ability to manage multiple and rapidly changing priorities
- Ability to work effectively both independently and collaboratively across technical and non-technical teams
- Ability to communicate clearly in writing and verbally, including translating technical concepts for varied audiences
- Ability to analyze complex issues, solve problems systematically, and manage multiple priorities in a fast-changing environment
- Hands-on experience with the relevant technologies and solutions for fulfilling the activities in the accountabilities section
- Education: Bachelor's degree in Computer Science, Management Information Systems, Information Security or related field (or equivalent related experience and/or education)
- Experience: Minimum of five or more years of experience in engineering and supporting solutions in a heterogeneous enterprise IT environment
- Modern Workplace/Automation: Defines and completes project tasks, including scripting, related to workplace automation, leveraging Intune, SharePoint (including migrations), Viva, PowerApps, Power Automate, Microsoft Power Platform, etc.
- Strong experience with Okta tenant configuration and core components (policies, claims, scopes, access policies) beyond day-to-day administration
- Experience partnering with application developers and using Okta APIs to automate integrations and workflows
- Experience with log management and reporting tools (e.g., Varonis, Okta reporting) for monitoring and investigation
Benefits
- Medical
- Dental
- Vision
- Life and disability
- Accident/critical illness/hospital
- Well-being
- Legal
- Identity theft
- Pet benefits
- Retirement
- Paid time off/holidays
- Leave
- Incentive plans
Company Overview