Identity and Access Management Engineer II

Insmed Incorporated
Hybrid

About The Position

At Insmed, every moment and every patient counts — and so does every person who joins in. As a global biopharmaceutical company dedicated to transforming the lives of patients with serious and rare diseases, you’ll be part of a community that prioritizes the human experience, celebrates curiosity, and values every person’s contributions to meaningful progress. That commitment has earned us recognition as Science magazine’s No. 1 Top Employer for five consecutive years, certification as a Great Place to Work® in the U.S., and a place on The Sunday Times Best Places to Work list in the UK. For patients, for each other, and for the future of science, we’re in. Are you?

About the Role: The Identity and Access Management (IAM) Engineer II will be responsible for the implementation, administration, and continuous improvement of Insmed’s enterprise identity services across Active Directory, Microsoft Entra ID, and federated multi-cloud and SaaS platforms. This role ensures identity systems operate in a secure, resilient, compliant, and audit-ready state while enabling modern authentication, automated lifecycle management, and least-privilege access. The position partners closely with Cybersecurity, Infrastructure & Operations, Enterprise Applications, Computer System Validation (CSV), and Quality Assurance (QA) teams to maintain a validated identity environment that supports regulatory requirements, operational resilience, and enterprise identity modernization initiatives. This role is accountable for centralized identity, authentication, and federation across platforms.

Requirements

  • You have a minimum of a Bachelor’s degree in Information Technology, Computer Science, or a related discipline, as well as 5+ years of experience supporting enterprise Identity & Access Management or Directory Services.
  • Strong hands-on experience with Active Directory (users, groups, GPOs, trusts, replication, and security administration).
  • Hands-on experience with Microsoft Entra ID administration and hybrid identity design.
  • Experience implementing SSO, MFA, Conditional Access, and identity lifecycle automation.
  • Working knowledge of authentication and federation protocols (SAML, OAuth, OIDC, LDAP).
  • Experience maintaining hybrid identity environments using Entra Connect or Cloud Sync.
  • Hands-on experience supporting identity federation across AD, Entra ID, AWS, and GCP.
  • Experience supporting identity security operations, incident response, or resilience planning.

Nice To Haves

  • Experience across Okta and Microsoft Entra ID.
  • Experience in Life Sciences, Pharmaceutical, or other GxP-regulated environments.
  • Familiarity with Microsoft 365 security and compliance capabilities.
  • Experience automating identity workflows using PowerShell or Microsoft Graph API.
  • Microsoft certifications such as: Identity and Access Administrator Associate, Azure Administrator Associate, and/or Windows Server / Active Directory.

Responsibilities

  • Administer and support Active Directory Domain Services and Microsoft Entra ID, including user, group, and device identity management.
  • Manage hybrid identity synchronization using Entra ID Connect / Cloud Sync, including troubleshooting provisioning and synchronization issues.
  • Maintain directory health, replication, security configuration, and access governance controls.
  • Implement and maintain SSO integrations using SAML, OIDC, OAuth, and LDAP.
  • Configure and manage Conditional Access, Multi-Factor Authentication (MFA), and passwordless authentication policies.
  • Support Privileged Identity Management (PIM) and enforce least-privilege access controls.
  • Implement automated Joiner-Mover-Leaver lifecycle processes and identity governance workflows.
  • Maintain federation between Active Directory, Microsoft Entra ID, AWS, GCP, and enterprise SaaS platforms.
  • Troubleshoot authentication, federation, and provisioning issues across hybrid environments.
  • Support identity integrations with enterprise platforms such as Workday, ServiceNow, AWS, Microsoft 365, and regulated applications.
  • Partner with Cybersecurity to codify rules and investigate identity-related alerts around suspicious authentication activity and access anomalies.
  • Participate in incident response activities related to credential compromise or privileged access misuse.
  • Implement identity security controls aligned with Zero Trust principles and enterprise security standards.
  • Develop, maintain, and test identity platform disaster recovery (DR) and business continuity procedures.
  • Validate backup, restore, and failover capabilities for directory services.
  • Develop and maintain automation using PowerShell, Microsoft Graph, or scripting to reduce manual provisioning and touchpoints.

Benefits

  • Comprehensive medical, dental, and vision coverage and mental health support, annual wellbeing reimbursement, and access to our Employee Assistance Program (EAP)
  • Generous paid time off policies, fertility and family-forming benefits, caregiver support, and flexible work schedules with purposeful in-person collaboration
  • 401(k) plan with a competitive company match, annual equity awards, and participation in our Employee Stock Purchase Plan (ESPP), and company-paid life and disability insurance
  • Company Learning Institute providing access to LinkedIn Learning, skill building workshops, leadership programs, mentorship connections, and networking opportunities
  • Employee resource groups, service and recognition programs, and meaningful opportunities to connect, volunteer, and give back