Identity & Access Engineer (IDRE) III
About The Position
Life changing therapies. Global impact. Bridge to thousands of biopharma companies and their patients. We are PCI. Our investment is in People who make an impact, drive progress and create a better tomorrow. Our strategy includes building teams across our global network to pioneer and shape the future of PCI. Position Summary The Identity & Access Engineer will own PCI Pharma's identity and access management (IAM) infrastructure, serving 6,500+ users across 16 global sites. This critical role addresses the current decentralized IAM risk by implementing centralized identity governance, Zero Trust access controls, and automated lifecycle management. The position is foundational to the organization's security posture and compliance with pharmaceutical regulations.
Requirements
- Bachelor's degree in Computer Science, Information Technology, or related field
- 5+ years of experience in identity and access management
- Expert-level knowledge of Microsoft Entra ID (Azure AD) and Active Directory
- Experience implementing conditional access policies and MFA solutions
- Strong understanding of identity protocols (SAML, OAuth, OIDC, Kerberos)
- Experience with identity governance and access certification processes
- Knowledge of Privileged Access Management concepts and tools
- PowerShell scripting proficiency for identity automation
- Understanding of Zero Trust security principles
- Experience in regulated industries with audit requirements
Nice To Haves
- Microsoft Certified: Identity and Access Administrator Associate
- Experience with identity governance platforms (SailPoint, Saviynt, or similar)
- Pharmaceutical industry experience with GxP compliance knowledge
- Experience with PAM solutions (CyberArk, BeyondTrust, or similar)
- Knowledge of SCIM provisioning and HR system integration
- SC-300 or AZ-500 Azure certification
Responsibilities
- Design and implement enterprise IAM strategy aligned with Zero Trust architecture principles
- Manage Microsoft Entra ID (Azure AD) including conditional access policies, MFA enforcement, and identity protection
- Administer Active Directory across global domain including GPO management, OU structure, and replication monitoring
- Implement identity governance including access reviews, certification campaigns, and segregation of duties controls
- Automate user lifecycle management (joiner/mover/leaver) through integration with HR systems
- Design and implement Privileged Access Management (PAM) solutions for administrative accounts
- Develop role-based access control (RBAC) models aligned with job functions and least privilege principles
- Configure single sign-on (SSO) and federation for enterprise applications
- Implement identity monitoring and anomaly detection for compromised credential identification
- Support audit and compliance requirements including SOX, GxP, and 21 CFR Part 11 identity controls
- Create documentation including identity architecture diagrams, procedures, and runbooks
- Coordinate with SECURE team on identity-related incident response and threat mitigation
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
