Senior Identity & Access Management Administrator

Mascoma Bank•White River Junction, VT

About The Position

Mascoma Bank is seeking a Senior Identity & Access Management (IAM) Administrator to help protect the systems, applications, and digital experiences that support our employees and customers. In this role, you will own key identity, authentication, and access lifecycle services across the Bank, including single sign-on (SSO), multi-factor authentication (MFA), federation, Microsoft 365, Entra ID, and connected business applications. As part of our IT Operations team, you will play a central role in strengthening and automating user access management. You will help build consistent, auditable, and policy-driven provisioning and deprovisioning processes across Microsoft 365, Entra ID, and other connected applications. The ideal candidate brings strong identity platform expertise, an automation-first mindset, close partnership with Information Security, and the operational discipline needed in a regulated banking environment.

Requirements

5+ years of hands-on identity and access management or systems administration experience.
Strong experience with SSO, MFA, and SAML/OIDC federation.
Hands-on experience administering Microsoft 365 and Entra ID, including Conditional Access.
Experience automating account lifecycle and provisioning with an identity governance or lifecycle automation platform.
Working knowledge of onboarding, transfers, offboarding, role-based access, and least-privilege access models.
Experience integrating and configuring applications for authentication and provisioning, including SCIM and SAML.
Familiarity with directory services, group and role management, and identity governance concepts.

Nice To Haves

Experience working in a regulated industry, such as financial services, is preferred.
Microsoft Certified: Identity and Access Administrator Associate (SC-300)
Microsoft Certified: Security, Compliance, and Identity Fundamentals (SC-900)
Microsoft 365 or Entra ID administration certifications
Identity lifecycle automation or identity governance platform training or certification
Relevant security certifications, such as CompTIA Security+

Responsibilities

Administer and support identity, authentication, SSO, MFA, and federation services across cloud and on-premises applications.
Build, maintain, and improve automated account lifecycle workflows for onboarding, transfers, role-based provisioning, and timely offboarding.
Manage Microsoft 365 and Entra ID configurations, including users, groups, enterprise applications, app registrations, licensing, Conditional Access, and hybrid identity services.
Configure and integrate business applications for authentication, authorization, attribute mapping, SSO, SCIM, and automated provisioning.
Support access governance activities, including RBAC, least-privilege access models, access reviews, entitlement records, and audit evidence.
Partner with Information Security and IT teams to align identity services with security standards, compliance expectations, and regulatory requirements.
Troubleshoot identity and access issues, document processes and runbooks, and provide clear support to technical and non-technical stakeholders.