Senior Active Directory / IAM Engineer - Remote
About The Position
City of Hope is seeking an experienced and strategic-minded Senior Identity and Access Management / Active Director Engineer to join our Information Technology team. This individual will lead the design, implementation, and ongoing management of our hybrid identity infrastructure—including on-premises Active Directory and Entra ID (formerly Azure AD)—to ensure secure, efficient, and scalable access to enterprise systems. The Senior IAM / Active Directory Engineer will collaborate with cross-functional teams and regularly present technical strategies, risks, and performance metrics to executive leadership. This position plays a critical role in advancing City of Hope’s security posture through innovation, standardization, and continuous improvement in identity and access management practices.
Requirements
- Bachelor’s degree in related field; 4 additional years of experience plus the minimum experience requirement may substitute for minimum education
- Seven or more years in a technology related field, with a minimum of 5 years in Identity and Access Management specific experience.
- Working knowledge of Information Security tools, practices, policies and processes in a multi-vendor environment with an emphasis on risk analysis, risk assessment and risk management.
- Management/Computer Information Systems (MIS/CIS), Computer/Electrical Engineering, Computer Science or related field
Nice To Haves
- Hospital/healthcare industry experience is desirable, but not required.
Responsibilities
- Design, implement, and maintain IAM solutions to manage user identities, access privileges, and authentication mechanisms.
- Collaborate with stakeholders to gather requirements and ensure that IAM solutions align with business needs.
- Integrate IAM solutions with existing systems, applications, and directory services.
- Optimize IAM workflows and processes to enhance efficiency and user experience.
- Implement and manage role-based access controls (RBAC) to ensure that users have appropriate access permissions.
- Conduct regular access reviews and audits to maintain a secure access environment.
- Evaluate, implement, and manage authentication mechanisms, including multi-factor authentication (MFA).
- Implement and maintain identity federation solutions for seamless and secure access across systems.
- Participate in incident response activities related to IAM, investigating and resolving security incidents.
- Troubleshoot and resolve IAM-related issues in a timely manner.
- Lead the administration, maintenance, and optimization of Microsoft Active Directory, including Group Policy Objects (GPOs), OU structures, trusts, and replication.
- Design, implement, and manage hybrid identity solutions between on-prem Active Directory and Entra ID (Azure AD).
- Maintain and enhance identity lifecycle processes (provisioning, deprovisioning, role-based access control) for both cloud and on-prem environments.
- Manage synchronization and federation services such as Azure AD Connect, ADFS, or Entra Connect Cloud Sync.
- Enforce identity governance policies including conditional access, MFA, and privileged access management in Entra ID.
- Monitor and troubleshoot authentication and authorization issues across Active Directory and Entra services.
- Develop and maintain automation scripts (e.g., PowerShell) to support IAM tasks and improve operational efficiency.
- Support audits and ensure compliance with security standards such as NIST, HIPAA, or ISO 27001 by maintaining clean identity records and access logs.
- Partner with cybersecurity, infrastructure, and application teams to integrate IAM services with enterprise platforms.
Benefits
- Comprehensive Benefits
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
