IAM & Messaging Engineer Lead

Job Title:                     IAM & Messaging Engineer Lead Location:                    Schaumburg, IL Position Type:             Full-Time Direct Hire (Hybrid onsite 2 days per week)
Overview
TalentFish is casting a line for a Senior Identity and Access Management/Messaging Engineer. This is a full-time direct hire position that requires onsite work 2 days per week in Schaumburg. Our client is a premier award-winning global organization!

Join an Award-Winning Global Leader!

Our client is a multi-award-winning organization that stands out for its commitment to excellence, innovation, and customer satisfaction. Recognized for its industry-leading infrastructure, management model, and best-in-class, proprietary technology, they have earned accolades that set them apart from competitors.

Take the next step in your career and contribute to shaping the future of a global leader

Key Responsibilities | What You Will Do

• Design, implement, and maintain IAM solutions, including on-premises Active Directory, Azure AD/Entra ID, and hybrid identity environments.
• Manage and optimize multiple Azure AD Connect environments for seamless synchronization between on-premises AD and Azure AD/Entra ID.
• Implement and maintain identity federation solutions for single sign-on (SSO) across applications and services, including Azure AD Application Proxy and ADFS.
• Configure, manage Conditional Access policies and Multi-Factor Authentication in Azure AD/Entra ID.
• Develop and enforce IAM policies, workflows, and procedures to ensure secure and efficient access management across on-premises and cloud environments.
• Manage user lifecycle, including onboarding, offboarding, and role changes, ensuring adherence to security policies and compliance requirements.
• Conduct periodic access reviews and audits to maintain compliance.
• Create processes for automatic disablement of accounts.
• Design, manage, and maintain Office 365 environment(s) with on-premises Exchange and Microsoft 365 components.
• Implement and support email security measures to protect the organization's email domains and ensure secure external mail flow.
• Create API-based integration automation solutions for onboarding, audits, and other service management functions.
• Provide 3rd level technical support for Email Services components and custom tools.
• Author and maintain operations, security controls, and technology lifecycle related documentation.
• Collaborate with cross-functional teams to align IAM and messaging solutions with business goals and security requirements.
• Stay current with industry best practices, regulations, and compliance standards related to IAM and messaging systems.
• Respond to incidents, investigate security breaches, and perform root cause analysis for both IAM and messaging-related issues.
• Generate reports and metrics related to IAM and messaging activities and security posture.
• Utilize PowerShell and other scripting languages for automation and management tasks across on-premises and cloud environments.
• Maintain current, meticulous documentation on all infrastructure components that are shared among all team members and with peer teams as required.
• Troubleshooting and setting up Azure AD/Entra ID SCIM with SaaS applications.
• Hands-on support of Entra Connect Sync and Entra Cloud Sync.
• Good understanding of Azure AD B2C and Entra External ID setup and management to support it hands-on.

Job Qualifications

• 10 years of experience in IAM and Enterprise Messaging systems.
• Strong knowledge of on-premises Active Directory, Azure AD/Entra ID, and hybrid identity concepts and technologies.
• Expertise in Enterprise Email systems e.g., Exchange on-premises, Exchange Online, Microsoft 365.
• Proficiency in PowerShell and other scripting languages for automation and management tasks.
• Experience with Azure AD Connect, Conditional Access, and Microsoft Graph APIs.
• Familiarity with authentication protocols e.g., SAML, OAuth, OpenID Connect (OIDC).
• Bachelor's degree in Computer Science, Information Security, related field, or equivalent work experience.

What You Bring to the Role (Ideal Experience)

• Experience in large multi-domain organizations providing hands-on configuration, implementation and management of DNS (Domain Name System), SPF (Sender Policy Framework), DMARC (Domain-name Message Authentication), and DKIM (DomainKeys Identified Mail).
• Advanced skills and hands-on experience with MS O365, Azure AD/Entra ID, On-Prem Active Directory domains (multiple) and demonstrated expertise of successful implementation of projects with minimal disruption to the business, users, and customers.
• Experience leading identity and messaging projects (Teams/Email/SharePoint/O365) related to various aspects of infrastructure.
• Effectively communicate solutions and issues around the solutions to peers, business, infrastructure, application, database areas and tech and not tech users.
• Support escalations from IT Service Desk and act as 3rd tier resource to resolve issues. Never an issue to contact a user directly to find out what exactly might be the problem.
• Monitor mail flow, create/execute on checklists to validate email flows
• Hands-on creation of PowerShell scripts to manage messaging/AD environments
• Work on-call when needed
• Communicate project-based initiatives and provides written and verbal status updates to business users/stakeholders.
• Assist with patching process on servers in environment.

Why Consider?

Our client is a top ranked global organization with a fantastic reputation! Employees highlight the outstanding workplace culture: "Great People, Great Atmosphere, and a Fantastic Management Team."  The company offers excellent salary compensation and full comprehensive benefits. 

Don’t miss this opportunity to become part of a company that not only delivers exceptional results but also fosters a collaborative and dynamic environment where employees thrive.

Apply Today!

Compensation Information
The expected salary range for this position is $100,000.00 -$150,000.00 depending on experience and qualifications. This role qualifies for full comprehensive employee benefits.

TalentFish is committed to pay transparency and equal opportunity. The salary range provided is in compliance with applicable state and federal regulations.