Description

• IAM Implementation and Administration:

o Assist in designing, configuring, and managing the IAM framework using Microsoft Entra ID (Azure AD), Active Directory, and SSO technologies.
o Ensure alignment of IAM policies and processes with business and security requirements.

• Active Directory and Entra ID Management:

o Support the administration and maintenance of Active Directory forests, domains, trusts, and replication models.
o Manage and optimize Microsoft Entra ID services, including MFA, conditional access, and identity protection.
o Ensure high availability, scalability, and security of directory services.

• SSO Configuration and Support:

o Configure and support SSO solutions using protocols like SAML, OAuth, and OpenID Connect.
o Integrate SSO with cloud and on-premises applications to provide seamless authentication and secure access.

• Security and Compliance:

o Enforce security best practices, including role-based access control (RBAC), access policies, and identity governance.
o Monitor and ensure compliance with relevant regulatory standards, such as PCI, NIST, and 201 CMR 17.
o Conduct regular risk assessments, security reviews, and audits to ensure a secure IAM environment.

• Identity Lifecycle Management:

o Manage user provisioning, de-provisioning, and access reviews across systems and applications.
o Automate and improve IAM workflows to enhance efficiency and security.

• Technical Support and Collaboration:

o Troubleshoot and resolve IAM-related issues, including SSO failures and directory integration issues.
o Work closely with cybersecurity, IT, and application teams to ensure seamless identity and access management.
o Provide technical guidance to other teams on IAM best practices.

• Documentation and Reporting:

o Develop and maintain technical documentation for IAM configurations and processes.
o Report IAM performance and issues to senior management and stakeholders.

REQUIREMENTS:
• Must be able to travel to Lottery offices statewide and/or other locations, as required.
• Ability to provide on-call support for IAM issues during critical events.

PREFERRED QUALIFICATIONS:
• 5+ years of experience in Identity and Access Management (IAM) with a focus on Microsoft Entra ID (Azure AD), Active Directory, and SSO integration.
• Experience with SSO technologies including SAML, OAuth, and OpenID Connect.
• Strong understanding of Active Directory architecture, including forests, domains, trusts, and replication.
• Hands-on experience with MFA, conditional access policies, and identity protection.
• Familiarity with regulatory compliance frameworks such as PCI, 201 CMR 17, and NIST.
• Experience in identity lifecycle management, including provisioning, de-provisioning, and access reviews.
• Strong problem-solving and troubleshooting skills with IAM systems.
• Relevant certifications such as Microsoft Certified: Azure Solutions Architect Expert, CISSP, or Certified Identity and Access Manager (CIAM) preferred.

Education

Any Graduate