Active Directory & Identity and Access Management (IAM) Engineer

Marotta Controls, Parsippany, NJ
7h, Onsite

About The Position

Elevate your career at Marotta Controls, a New Jersey Top Workplace three years running! Dedicated to innovation, quality and excellence, we deliver cutting edge control systems for the Aerospace & Defense industry. At Marotta, we value bold thinking and teamwork, and we empower our employees to push boundaries while delivering top-tier solutions to our customers. Our team fosters a fun, collaborative culture where creativity and technical excellence thrive! Your next big opportunity starts here. Be part of a company where your work supports a mission that makes a difference—apply today!

Essential Functions

The Active Directory & Identity and Access Management (IAM) Engineer is responsible for designing, implementing, and supporting identity solutions across a complex, multi-forest environment. This role is responsible for ensuring secure, scalable, and compliant identity services, with a strong focus on Microsoft Entra, Single Sign-On (SSO), and identity governance and administration tools such as ADManager. The ideal candidate will have deep technical expertise, strong troubleshooting skills, and a security-first mindset.

Requirements

  • Bachelor’s degree in Computer Science or equivalent
  • Must be a US Citizen
  • Technical solution design and planning experience
  • Basic understanding of the project management life cycle
  • 5 to 7 years’ hands-on experience administering Microsoft Active Directory in a multi-forest environment
  • Experience with Microsoft Entra (Azure AD) and hybrid identity architectures
  • Experience implementing and supporting Single Sign-On (SSO) technologies (SAML, OAuth, OpenID Connect, Kerberos, NTLM)
  • Experience implementing and administering MFA solutions, including Duo MFA
  • Experience with identity lifecycle management and access provisioning/deprovisioning
  • Experience implementing conditional access and identity security best practices
  • Strong PowerShell scripting skills for automation and administration
  • Strong knowledge of cybersecurity principles, including Zero Trust architecture, defense-in-depth, identity threat detection, and secure access design
  • Understanding of identity-related attack vectors (e.g., credential theft, privilege escalation, pass-the-hash) and mitigation strategies
  • Strong attention to detail
  • Good problem-solving skills with the ability to think creatively
  • Excellent written and verbal skills, including ability to clearly articulate technical issues and activities to technical and non-technical staff
  • Strong interpersonal skills and the ability to adapt in a complex and changing environment
  • Consistently meet expected production, accuracy and quality standards as set by management
  • Must be team oriented with the ability to work independently

Nice To Haves

  • Experience administering ADManager or similar identity governance/administration tools
  • Experience administering Microsoft 365 (user, license, and service administration)
  • Experience with Privileged Access Management (PAM/PIM) solutions
  • Experience integrating SaaS and enterprise applications with Microsoft Entra ID
  • Familiarity with NIST 800-171 and CMMC requirements as they relate to identity and access management
  • Experience supporting audits or compliance assessments (e.g., CMMC, NIST, ISO, SOC)
  • Experience with directory synchronization tools (e.g., Entra Connect / Azure AD Connect)
  • Relevant certifications (e.g., Microsoft Identity, Azure Security Engineer, CISSP, CMMC-related certifications)

Responsibilities

  • Design, implement, and maintain Active Directory (AD) infrastructure, including domains, forests, trusts, DNS, and Group
  • Manage user, group, and computer objects, OU structures, and delegation models
  • Monitor AD health, performance, and replication; troubleshoot complex directory issues
  • Implement and maintain AD security best practices and hardening standards
  • Administer and optimize Microsoft Entra (Azure AD), including hybrid identity integrations
  • Implement and support Single Sign-On (SSO) solutions for cloud and on-premises applications
  • Manage identity lifecycle processes (joiner, mover, leaver) using tools such as ADManager
  • Configure and maintain authentication methods including MFA, conditional access, and federation
  • Ensure secure access controls through role-based access control (RBAC) and least privilege principles
  • Support identity architectures and configurations aligned with NIST 800-171 and CMMC security controls
  • Monitor and troubleshoot identity-related issues across on-prem and cloud platforms
  • Collaborate with security, infrastructure, and application teams to integrate identity services
  • Assist with audits, compliance assessments, and evidence collection related to identity and access controls
  • Develop and maintain technical documentation, standards, and operational procedures
  • Participate in identity modernization initiatives and continuous improvement efforts

Benefits

  • medical
  • prescription
  • dental
  • vision
  • life
  • disability insurance
  • a 401(k) plan with company match
  • tuition assistance
  • paid vacation
  • sick and personal days
  • paid holidays
  • flexible scheduling options such as compressed workweeks