Staff Engineer, Identity & Access Management (Entra ID Senior Level)

Requisition ID: 2025-51007
Location: US--US: Remote
Position Type: Full Time
HR Rep / Recruiter: Marcia Harrison
Contact: marcia.harrison@pediatrix.com

The Identity and Access Management (IAM) Staff Engineer plays a critical role in safeguarding enterprise systems and data by ensuring secure, efficient, and compliant access to digital resources. As IAM Staff Engineer you will play a pivotal role in the implementation, and management of best-in-class Identity Governance and Administration (IGA) solutions and engineering modern identity and access management (IAM) solutions. You will enable a more secure Enterprise where the right people have access to the right resources at the right time. You will have an opportunity to work in all aspects of identity from Identity Governance and Administration (IGA) to single sign on, access management, lifecycle workloads entitlements, and managing identity and access management solutions across Pediatrix.

• Designs, develops, tests, implements, and integrates Identity and Access Management (IAM) systems and solutions
• Drives the execution and continuous improvement of Identity and Access Management (IAM) controls technology. This includes, but isn't limited to, administration, configuration of IAM/SSO technology, designing and implementing access provisioning and de-provisioning workflows, enabling thorough entitlement reviews and access recertification, implementing and optimizing role-based authorization, ensuring segregation of duties based on business rules, and enabling robust computer user account management.
• Ensures that solutions protect information resources against unauthorized use, inappropriate degrees of access, disclosure, damage and/or loss
• Ensures the maintenance, patching, operating, and monitoring of IAM systems to ensure high levels of availability, security, and performance.
• Troubleshoots, supports and resolves system incidents, problems and changes
• Assists in onboarding new applications and creates custom workflows, rules, and reports based on business requirements
• Creates documentation of process, guidelines, standards, technical specifications, as well as drawing network & system architecture diagrams
• Leads solution design, proof-of-concept development, and full implementation for new features.
• Configure and optimize Single Sign-On (SSO), Multi-Factor Authentication (MFA), and passwordless authentication using Microsoft Entra ID.
• Implement and manage authentication protocols (SAML, OAuth 2.0, OpenID Connect, Kerberos, NTLM, LDAP).
• Participate in afterhours activities as required for implementations, system outages and support.
• Architect, design, and implement Microsoft Entra ID and Active Directory environments. Includes Entra ID components such as tenant configurations and hardening, IGA, MFA, SSO and IDP migrations, conditional access, B2B and B2C
• Performing technical health checks for the AD/Entra ID platforms/environments prior to broader deployments, supporting proof of concept and production deployments of Entra ID and AD.
• Leading transition to Microsoft Entra ID services such as service configuration, Azure B2B, B2C including SAML, OAUTH, OpenID Connect protocols, migrating applications (legacy platforms or other) to Entra ID as the IDP, cleaning up the Active Directory environment, domain clean-up activities including, privileged groups and service accounts management, configuration and delivery of Entra ID and AD security and compliance reports and advanced threat protection capabilities such as Defender for Identity, manage/migrate/deploy their LDAP environments including application integration, server upgrades and patching, prepare their Active Directory DR plans and perform regular DR trial runs.
• Performs other related duties as assigned.

Qualifications:

• Bachelor's in Computer Science, Information Security, or equivalent experience.
• 7-9 years in Identity & Access Management (IAM).

Technical Skills:

• Expertise in IAM frameworks, PAM, and authentication protocols (SAML, OAuth 2.0, OpenID Connect, LDAP, Kerberos).
• Deep knowledge of Microsoft Entra ID (Azure AD), AD, Azure AD Connect, Conditional Access, and Azure AD B2B/B2C.
• Strong grasp of Zero Trust and RBAC models.

Tools & Technologies:

• Experience with Entra ID, NetIQ, CyberArk, ForgeRock, Okta, Ping.
• Familiarity with REST APIs, JSON, RDBMS, GitHub, Jenkins, Eclipse.
• Proficient in JavaScript, Java, PowerShell, Linux shell scripting, and SQL.
• Automation using PowerShell and Microsoft Graph API.

Professional Attributes:

• Thrives in fast-paced, cross-functional environments.
• Innovative, problem-solving mindset.

Preferred Certifications:

• CAMS, CISSP, SC-300.

Benefits for Full Time employees and qualified dependents:

• Medical, Prescription, Dental, Vision Insurance
• Progyny Fertility Benefits
• Livongo Diabetes Management
• Teladoc Health and Second Opinion Services
• Smart Shopper
• 401(K) Thrift Program & Sharing Plan
• Employee Stock Purchase Plan (ESPP) - 15% discount*
• Basic Employee; Spouse; Child Life Insurance
• AD&D
• Employee Optional Life and AD&D
• Short- & Long-Term Disability
• Pre-Tax Health Savings Accounts (HSA)
• Employee and Dependent Flexible Spending Account (FSA)
• Family Medical Leave Act (FMLA)**
• Parental Leave Benefit
• Sick Pay Bank
• Employee Assistance Program (EAP)**
• Group Aflac Policies
• Identity Theft Protection
• Employee Charitable Fund
• com
• Various Discount Programs

* Part Time Regular employee classifications also receive this benefit

** Available to Part-Time regular and part-time casual employees aged 21 and over

PI278213594

Please click Apply