Sr Information Security Engineer - IAM
O'Reilly Auto Parts · Springfield, MO · 2 wk ago
On-siteInformation TechnologyFull-time
Job Summary
The Senior IAM Engineer is a hands-on technical role focused on the implementation, integration, and operation of enterprise identity solutions. This role is responsible for delivering and supporting Microsoft Entra ID services, including the migration of existing identity platforms and applications to modern authentication models. Working closely with IAM Architecture and Security teams, the engineer executes identity initiatives across cloud and on-premise environments, builds and maintains authentication and provisioning integrations while ensuring secure, reliable identity services that support the organization’s operation and security objectives.
Responsibilities
- Execute identity platform initiatives including migrations from legacy identity providers to Entra ID.
- Configure and maintain cross-tenant identity scenarios including Multi-Tenant collaboration, B2B, and External ID.
- Implement and support IAM solutions aligned with defined enterprise architecture, focusing on Microsoft Entra ID and hybrid identity environments.
- Configure and maintain core Entra ID capabilities: SSO, MFA, Conditional Access, Passwordless authentication, B2B access, Identity protection policies and risk-based controls.
- Integrate applications using modern authentication protocols: OIDC, OAuth2, SAML.
- Configure and Manage: Enterprise Applications, App Registrations, API permissions and consent.
- Implement and maintain identity provisioning solutions using: SCIM, API-Based Provisioning, Event-Driven or Scheduled workflows.
- Support and enhance identity lifecycle processes: Joiner / Mover / Leaver, Access Requests and Approvals, Role and Group-Based access assignment.
- Build Automation and Integration solutions using Powershell, Microsoft Graph API, and Logic Apps or equivalent tooling.
- Develop reusable scripts and processes to standardize IAM operations.
- Support adoption of managed identities and service principals for application and workload authentication.
- Implement and support identity security controls aligned with organizational and regulatory requirements.
- Diagnose and resolve issues related to authentication failures, provisioning errors, directory synchronization issues, access and authorization problems.
- Provide technical input and feedback to improve IAM implementations and operational processes.
- Provide hands-on technical mentorship and implementation guidance where appropriate at all levels.
Core Identity and Directory Services
- Core Services (user/group/device)
- Federated Identities
- Custom attributes and schema extensions
- Dynamic Groups
- Directory role strategies for enterprise delegation
- Authentication and Access Control
- SAML
- OIDC
- OAuth2
- WSFED
- Claims-based authorization
- Back-channel logout
- Token introspection
- Token refinement
- Entra ID features: SSO, MFA, Conditional Access, Passwordless Authentication, B2B Identity Protection and Risk, User Risk Detection, Sign-in Risk Detection, Risk Remediation Policies, SIEM/SOAR integration, Logs and Forensics, Identity Governance and Administration, Access Reviews, Access Request Workflows, Time-Bound Access, Identity and Access Lifecycle (Mover/Joiner/Leaver), Augmentation with Logic Apps and other automation technologies.
Skills Required
- Experience with enterprise scale identity migrations
- Familiarity with Okta, Active Directory, Open LDAP or other like identity providers
- Active Directory experience is required
- Deep knowledge of modern authentication protocols including but not limited to OIDC/OAuth2, SAML, WSFED, etc.
- Strong knowledge of Entra ID specifically including but not limited to the features listed above