Job Title : Sr IAM Engineer
Primary Location : Hybrid in Chicago's west / northwest suburbs
Position Type : Direct Hire
Overview
TalentFish is casting a line for an IAM (Identity and Access Management) Engineer. This is a hybrid direct hire role, requiring a couple of days a week on site.
REQUIRED EDUCATION & EXPERIENCE :
- Bachelor's degree in Computer Science, Information Security, or related field (or equivalent work experience)
- 10 years of experience in IAM and Enterprise Messaging systems
- Strong knowledge of on-premises Active Directory, Azure AD / Entra ID, and hybrid identity concepts and technologies
- Expertise in Enterprise Email systems (e.g., Exchange on-premises, Exchange Online, Microsoft 365)
- Proficiency in PowerShell and other scripting languages for automation and management tasks
- Experience with Azure AD Connect, Conditional Access, and Microsoft Graph APIs
- Familiarity with authentication protocols (e.g., SAML, OAuth, OpenID Connect)
KEY ACCOUNTABILITIES INCLUDE :
- Design, implement, and maintain IAM solutions, including on-premises Active Directory, Azure AD / Entra ID, and hybrid identity environments
- Manage and optimize multiple Azure AD Connect environments for seamless synchronization between on-premises AD and Azure AD / Entra ID
- Implement and maintain identity federation solutions for single sign-on (SSO) across applications and services, including Azure AD Application Proxy and ADFS
- Configure and manage Conditional Access policies and Multi-Factor Authentication in Azure AD / Entra ID
- Develop and enforce IAM policies, workflows, and procedures to ensure secure and efficient access management across on-premises and cloud environments
- Manage user lifecycle, including onboarding, offboarding, and role changes, ensuring adherence to security policies and compliance requirements
- Conduct periodic access reviews and audits to maintain compliance
- Create processes for automatic disablement of accounts
- Design, manage, and maintain Office 365 environment(s) with on-premises Exchange and Microsoft 365 components
- Implement and support email security measures to protect the organization's email domains and ensure secure external mail flow
- Create API-based integration automation solutions for onboarding, audits, and other service management functions
- Provide 3rd level technical support for Email Services components and custom tools
- Author and maintain operations, security controls, and technology lifecycle related documentation
- Collaborate with cross-functional teams to align IAM and messaging solutions with business goals and security requirements
- Stay current with industry best practices, regulations, and compliance standards related to IAM and messaging systems
- Respond to incidents, investigate security breaches, and perform root cause analysis for both IAM and messaging-related issues
- Generate reports and metrics related to IAM and messaging activities and security posture
- Utilize PowerShell and other scripting languages for automation and management tasks across on-premises and cloud environments
- Maintain current, meticulous documentation on all infrastructure components that are shared amongst all team members and with peer teams as required
- Troubleshooting and setting up Azure AD / Entra ID SCIM with SaaS applications
- Thorough knowledge of Entra Connect Sync and Entra Cloud Sync to support it hands-on
- Good understanding of Azure AD B2C and Entra External ID setup and management to support it hands-on
What You Bring to the Role. WHAT YOU WILL DO!
- Provided hands-on DNS / SPF / DMARC / DKIM changes / support / implementation previously for larger multi-domain companies.
- Advanced "hands-on" experience with O365, Azure AD / Entra ID, and on-prem Active Directory domains (multiple), and demonstrated expertise in successful implementation of projects with minimal disruption to the business, users, and customers.
- Experience leading identity and messaging (Teams / Email / SharePoint / O365) projects related to various aspects of infrastructure.
- Effectively communicate solutions, and issues around the solutions, to peers, business, infrastructure, application, and database areas, and to tech and non-tech users.
- Support escalations from IT Service Desk and act as 3rd tier resource to resolve issues. Never an issue to contact a user directly to find out what exactly might be the problem.
- Monitor mail flow, create / execute on checklists to validate email flows
- Hands-on creation of PowerShell scripts to manage messaging / AD environments
- Work on-call when needed
- Communicate project-based initiatives and provide written and verbal status updates to business users / stakeholders.
- Assist with patching process on servers in environment.
Compensation Information
The expected salary range for this position is $100,000.00 - $150,000.00 depending on experience and qualifications. This role also qualifies for comprehensive benefits such as health insurance, company matched 401(k), and paid time off. TalentFish is committed to pay transparency and equal opportunity. The salary range provided is in compliance with applicable state and federal regulations.
Salary : $100,000 - $150,000