Microsoft Identity and Access Management Engineer
Responsibilities
- Design, implement, and maintain Microsoft Azure Active Directory (Azure AD / Entra ID) environments in hybrid and cloud-native configurations.
- Manage user lifecycle processes including provisioning, de-provisioning, and role-based access control (RBAC) assignments.
- Configure and maintain Conditional Access policies, Multi-Factor Authentication (MFA), and Single Sign-On (SSO) solutions.
- Administer Microsoft Privileged Identity Management (PIM) and Privileged Access Management (PAM) solutions to enforce least-privilege principles.
- Integrate SaaS applications and on-premises systems with Azure AD using SAML, OAuth 2.0, and OpenID Connect protocols.
- Monitor identity infrastructure for threats, anomalies, and compliance gaps using Microsoft Defender for Identity and Microsoft Sentinel.
- Support and manage on-premises Active Directory environments, Group Policy, and hybrid identity configurations (Azure AD Connect / Entra Connect).
- Collaborate with security, compliance, and application teams to ensure IAM policies meet regulatory requirements including SOX, HIPAA, and GDPR.
- Develop and maintain documentation, runbooks, and standard operating procedures for IAM systems and processes.
- Troubleshoot identity-related incidents, service requests, and access issues in a timely and structured manner.
- Participate in IAM roadmap planning, architecture reviews, and continuous improvement initiatives.
Required Qualifications
- 3-5 years of experience in identity and access management, with a strong focus on Microsoft technologies.
- Hands-on expertise with Azure Active Directory / Microsoft Entra ID, including tenant management and identity governance.
- Proficiency in managing on-premises Active Directory and hybrid identity environments.
- Experience designing and implementing SSO integrations using SAML, OAuth 2.0, and OpenID Connect.
- Familiarity with Microsoft Privileged Identity Management (PIM) and Conditional Access policy configuration.
- Practical knowledge of MFA solutions, including Microsoft Authenticator and FIDO2 security keys.
- Experience with PowerShell scripting for IAM automation, reporting, and administration tasks.
- Solid understanding of Zero Trust security principles and their practical application to identity and access management.
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or equivalent professional experience.
Requirements
- Microsoft certifications such as SC-300 (Microsoft Identity and Access Administrator Associate), AZ-500, or MS-500.
- Experience with Microsoft Entra Verified ID, Entitlement Management, or Identity Governance features.
- Familiarity with third-party PAM or IGA tools such as CyberArk, SailPoint, or Saviynt.
- Experience with SIEM platforms, particularly Microsoft Sentinel, for identity threat detection and response.
- Knowledge of compliance frameworks including SOX, HIPAA, NIST Cybersecurity Framework, and ISO 27001.
- Exposure to DevSecOps practices and integration of IAM controls into CI/CD pipelines.
Salary
- Competitive base salary commensurate with experience, plus annual performance bonus.
- The salary for this role will range from 101,100 USD to 161,800 USD annually, based on full-time employment. Salary offers are based on a wide range of factors including but not limited to location, relevant skills, training, experience, education, etc.
- Certain roles may be eligible for performance-based incentive compensation and/or long-term incentives. Incentives could be discretiona
Benefits
Additional Information
Build a career powered by innovations that matter! At Novanta, our innovations power technology products that are transforming healthcare and advanced manufacturing, improving productivity, enhancing people's lives and redefining what's possible. We create for our global customers engineered components and sub-systems that deliver extreme precision and performance for a range of mission-critical applications, from minimally invasive surgery to robotics to 3D metal printing. Novanta is one global team with over 26 offices located in The Americas, Europe and Asia-Pacific. Looking for a great place to work? You have found it with a culture that embraces teamwork, collaboration and empowerment. Come explore Novanta.
Position Overview
Novanta is seeking a skilled Microsoft Identity and Access Management (IAM) Engineer to join our Information Technology team. This mid-level role is responsible for designing, implementing, and maintaining identity and access management solutions across the organization's Microsoft ecosystem. The ideal candidate brings 3-5 years of hands-on experience with Microsoft IAM technologies, a strong security mindset, and a passion for enabling secure, seamless access across a modern enterprise environment.
Position Details:
- Job Title: Microsoft Identity and Access Management Engineer
- Department: Information Technology
- Location: United States (Remote)
- Employment Type: Full-Time
- Experience Level: Mid-Level (3-5 years)
- Reports To: VP of IT