IAM Engineer to support Incident Response Efforts with our client in the Public Sector

Onsite 2 days/week - Tues/Wed MANDATORY - the schedule will alternate between two days onsite, then three days, and back to two days, and so on.

Hours: 35/Week

Contract: 4+ months + extension

We’re looking for a hands‑on Identity & Access Management (IAM) Engineer to build and support our identity platforms, including SSO, Okta, Microsoft Entra (Azure AD), Active Directory, PAM, and Identity Governance tools.

• Manage and support SSO integrations (SAML, OIDC, OAuth).
• Administer Okta and Microsoft Entra ID (MFA, Conditional Access, app integrations).
• Maintain Active Directory users, groups, policies, and service accounts.
• Support and operate PAM tools (CyberArk, BeyondTrust, or Entra PIM).
• Assist with Identity Governance: access reviews, role management, JML (joiner/mover/leaver).
• Automate identity tasks using PowerShell, Graph API, or Okta APIs.
• Troubleshoot authentication issues for users and applications.
• Work with app teams to onboard apps to SSO and provisioning.
• Maintain documentation and follow security best practices.

• 4-7+ years experience in hands‑on IAM engineering.
• Strong experience with SSO (SAML/OIDC/OAuth).
• Deep knowledge of Okta and Microsoft Entra (Azure AD).
• Solid experience with Active Directory.
• Experience with PAM (CyberArk, BeyondTrust, Delinea, or Entra PIM).
• Experience with Identity Governance (SailPoint, Saviynt, or Entra Governance).
• Good automation skills (PowerShell, API integrations).
• Strong troubleshooting skills for authentication and access issues.

• Experience with SCIM provisioning.
• Experience with Zero Trust, Conditional Access hardening, MFA rollouts.
• Cloud identity experience (Azure, AWS, GCP).
• Terraform or other infrastructure-as-code for identity.