Cybersecurity Senior Engineer- Technical Lead – Identity Federation, Azure & Access Policy

About The Position

Requirements

• Bachelor’s degree and eight years of experience in systems engineering or administration or an equivalent combination of education and work experience
• Deep specialized and/or broad functional knowledge in applied enterprise information security technologies including but not limited to firewalls, intrusion detection/prevention systems, network operating systems, identity management, database activity monitoring, encryption, content filtering, and Mainframe security
• Previous experience in leading complex IT projects

Nice To Haves

• Strong Soft Skills; Communications
• Extensive experience in Identity and Access Management, including ADFS and Azure / Entra ID Conditional Access. Microsoft Active Directory
• Strong understanding of authentication and authorization protocols (SAML, OAuth2, OIDC).
• Proven experience owning technical outcomes and leading execution of complex initiatives.
• Demonstrated history of automation in IAM environments.
• Practical experience using Microsoft Copilot or similar AI tools to enhance engineering productivity.
• Strong understanding of IAM risk, control design, and alignment to NIST and industry control frameworks.
• Experience partnering with application managers and technical stakeholders.
• Strong analytical, documentation, and communication skills.

Responsibilities

• Own end‑to‑end technical outcomes for identity federation and access policy initiatives.
• Serve as technical lead of execution, guiding design, build, testing, deployment, and operational readiness.
• Design, implement, and operate identity federation solutions using ADFS, Azure / Entra ID, and modern authentication protocols (SAML, OAuth2, OIDC).
• Architect and maintain Azure / Entra ID Conditional Access policies aligned to Zero Trust principles and enterprise risk tolerance.
• Produce and lead review of engineering designs, consume architecture patterns, and create implementation guidelines.
• Ensure solutions are secure, resilient, auditable, and aligned to enterprise IAM strategy.
• Act as a gatekeeper for technical quality while partnering effectively with architecture, security, and infrastructure teams.
• Design and operate IAM controls aligned to CSR 2.1 and NIST frameworks and industry control models.
• Understand identity‑centric risk scenarios and ensure access controls appropriately mitigate those risks.
• Support audit, risk, and regulatory inquiries with clear technical explanations and evidence.
• Measure and continuously assess policy effectiveness, not just policy presence.
• Analyze identity, authentication, and access data to identify control gaps, misconfigurations, and trends, validate risk reduction, and drive simplification and improvement.
• Translate technical data into actionable insights for security leadership and stakeholders.
• Demonstrate a strong history of automating repetitive IAM tasks using scripting and tooling.
• Leverage Microsoft Copilot through sophisticated prompting and Agent Supervision to accelerate analysis, scripting, and troubleshooting, improve consistency and speed of IAM operations, and apply appropriate governance and judgment when using AI‑assisted outputs.
• Work closely with application managers and application owners to implement secure and scalable authentication models based on architecture patterns, integrate applications with federation and Conditional Access services, resolve complex access and authentication issues, and influence adoption of modern identity patterns while balancing application risk, usability, and delivery timelines.
• Act as a recognized IAM subject‑matter expert.
• Mentor engineers through technical guidance and example.
• Influence outcomes through expertise and collaboration rather than authority.

Benefits

• medical
• dental
• vision
• life insurance
• disability
• accidental death and dismemberment
• tax-preferred savings accounts
• 401k plan
• vacation
• sick days
• paid holidays
• defined benefit pension plan
• restricted stock units
• deferred compensation plan