[Remote] Senior Systems Engineer Identity Access Management - Fully Remote

Note: The job is a remote job and is open to candidates in USA. NMDP is a leader in providing identity and access management solutions, and they are seeking a Senior Systems Engineer to provide technical leadership in Identity & Access Management and IT Productivity & Collaboration services. The role involves designing, implementing, and administering identity governance and enterprise identity services, ensuring secure and reliable operations across various platforms.

Responsibilities

• Design, implement, and maintain IAM/IGA capabilities (directory services, SSO/federation, and privileged access) using Okta, Active Directory, and Microsoft Entra to deliver secure, reliable access
• Lead discovery and solution delivery for IAM initiatives (requirements, design, build, testing, and rollout); evaluate options and recommend best-fit approaches with internal teams and vendors
• Automate identity lifecycle (joiner/mover/leaver; provisioning/deprovisioning) and related administration using scripting and modern tooling to reduce manual effort and risk
• Define and enforce access governance (RBAC/ABAC), policies, workflows, and secure access patterns (SSO/MFA/conditional access alignment and least-privilege role design), including periodic access reviews
• Support security and compliance by remediating identity-related vulnerabilities and supporting audits, penetration tests, and access reviews with evidence, reporting, and corrective actions
• Onboard and integrate applications and platforms (SaaS and Microsoft 365) using standards-based connectors/integrations; partner with application owners to validate requirements, data flows, and security controls
• Own and administer Microsoft 365 and collaboration services (Teams, SharePoint/OneDrive, Exchange Online) and adjacent SaaS tools, including hybrid identity/access integrations and roadmap execution
• Operate and improve services through monitoring, dashboards/alerts, incident and problem management (RCA/post-incident reviews), and on-call participation; troubleshoot authentication/authorization/provisioning issues to restore service
• Plan, test, and deliver changes using NMDP change management and ITSM practices; validate outcomes and transition to steady-state support
• Create and maintain documentation and enablement (standards, runbooks, procedures, and knowledge articles); support tiered support and knowledge transfer with Service Desk/L2
• Support privileged access practices using approved vaulting and secrets management (e.g., Delinea Secret Server) for administrative accounts, service accounts, and automation credentials
• Partner with Procurement/Vendor Management on renewals, licensing optimization, and vendor escalations; identify cost-saving opportunities through usage analysis and right-sizing
• Evaluate and adopt new features and products (including collaboration AI capabilities) via pilots, guardrails, and measured rollouts
• Other duties as assigned

Skills

• Knowledge of IAM/IGA concepts and practices, including identity lifecycle (joiner/mover/leaver), provisioning/deprovisioning, and access recertification
• Knowledge of identity standards and protocols (SAML, OAuth/OIDC, SCIM) and how they are used for SSO/federation and application integrations
• Knowledge of Okta, Active Directory, and Microsoft Entra ID administration and configuration concepts (tenant/directory structure, groups, app assignments, conditional access/access policies)
• Knowledge of privileged access management principles and controls (least privilege, role-based access, privileged roles/accounts, access request/approval workflows)
• Knowledge of security and compliance practices related to identity services, including logging/monitoring, vulnerability remediation, audit evidence collection, and access reviews
• Knowledge of enterprise IT operations practices (incident/problem management, change control) and creating/supporting technical documentation such as procedures and runbooks
• Ability to demonstrate strong interpersonal and organizational skills, demonstrated success in working both independently and in a team environment
• Ability to demonstrate above-average written and oral communication skills
• Ability to demonstrate strong analytical and creative problem solving, and the ability to manage multiple and rapidly changing priorities
• Ability to work effectively both independently and collaboratively across technical and non-technical teams
• Ability to communicate clearly in writing and verbally, including translating technical concepts for varied audiences
• Ability to analyze complex issues, solve problems systematically, and manage multiple priorities in a fast-changing environment
• Ability to have hands-on experience with the relevant technologies and solutions for fulfilling the activities in the accountabilities section
• Education: Bachelor's degree in computer science, Management Information Systems, Computer Science, Information Security or related field (or equivalent related experience and/or education)
• Experience: Minimum of five or more years of experience in engineering and supporting solutions in a heterogeneous enterprise IT environment
• Modern Workplace/Automation: Defines and completes project tasks, including scripting, related to workplace automation, leveraging Intune, SharePoint (including migrations), Viva, PowerApps, Power Automate, Microsoft Power Platform, etc
• Strong experience with Okta tenant configuration and core components (policies, claims, scopes, access policies) beyond day-to-day administration
• Experience partnering with application developers and using Okta APIs to automate integrations and workflows
• Experience with log management and reporting tools (e.g., Varonis, Okta reporting) for monitoring and investigation

Benefits

• Medical
• Dental
• Vision
• Life and disability
• Accident/critical illness/hospital
• Well-being
• Legal
• Identity theft
• Pet benefits
• Retirement
• Paid time off/holidays
• Leave
• Incentive plans

Company Overview