Active Directory / Identity & Access Management (IAM) Engineer

Job Title: Active Directory / Identity & Access Management (IAM) Engineer

Job Summary:
The IAM Engineer will be responsible for managing, supporting, and maintaining the organization’s Identity and Access Management systems, including Microsoft Active Directory, Azure Active Directory, and related technologies. This role ensures the security, performance, and reliability of IAM services and plays a key part in implementing best practices, troubleshooting issues, and ensuring compliance with security policies.

Key Responsibilities:

Provide 2nd-level technical support for all Identity and Directory-related services, including Microsoft Active Directory and Azure Active Directory.

Manage and monitor daily operations of IAM infrastructure, ensuring performance, capacity, event, and security monitoring are effectively carried out.

Identify, troubleshoot, and resolve technical issues impacting IAM systems and related operations.

Support end-users and internal teams in diagnosing and resolving access-related problems.

Escalate complex technical issues to higher-level support teams as needed.

Conduct access and security audits to identify vulnerabilities and ensure compliance with security standards.

Manage and maintain Microsoft IAM technologies, including Active Directory Federation Services (ADFS) and Microsoft Identity Management (FIM/MIM).

Work with cloud computing environments such as Microsoft Azure and Office 365.

Implement and support authentication protocols such as Kerberos, LDAP, RADIUS, SAML, and OAuth.

Enable and support Single Sign-On (SSO) and Multi-Factor Authentication (MFA) in a heterogeneous IT environment.

Administer and integrate applications with Active Directory 2008/2012 for identity and authentication management.

Manage Microsoft Public Key Infrastructure (PKI) servers and certificates.

Deploy and maintain Windows Server environments (2008/2012), including virtualized environments (VMware, Hyper-V).

Apply basic programming knowledge to understand authentication and authorization mechanisms in applications.

Manage user lifecycle processes — onboarding, offboarding, provisioning, and deprovisioning of user accounts.

Implement and manage access control models, federated identities, privileged account management, and other IAM solutions.

Review and maintain system documentation, procedures, and technical manuals for compliance and operational accuracy.

Perform technical analysis on workload performance, equipment utilization, and software efficiency; recommend improvements as necessary.

Execute change management and configuration management activities as per established policies.

Identify security risks, operational gaps, and perform remediation actions in line with ISRM Security and Compliance requirements.