Sr. IAM Implementation Engineer

Hello

Greeting from E-IT

Role: Sr. IAM Implementation Engineer (Microsoft Entra ID and CyberArk PAM)

Location: New York NY 10017 (100% Onsite No flexibility)

Full Time

We are seeking a Senior / Principal IAM & PAM Implementation Engineer with deep hands on experience in Microsoft Entra ID (Azure AD) and CyberArk Privileged Access Management combined with AI / GenAI identity security exposure to support financial services and highly regulated clients.

This role is execution driven and operates in mission critical environments where identity failures directly impact business continuity regulatory compliance and customer trust. The engineer will design implement and operate IAM and PAM controls aligned to Zero Trust principles audit requirements and financial industry regulations.

• Design and hands on implement Microsoft Entra ID solutions in regulated production critical environments
• Design and enforce Conditional Access MFA passwordless authentication and device based access
• Integrate internal and third party applications using SAML OAuth 2.0 OIDC
• Implement identity lifecycle (JML) RBAC access reviews and entitlement management
• Maintain role-based access control (RBAC) aligned with least privilege principles.
• Support IAM integrations with CyberArk PAM DLP and security platforms where applicable.
• Troubleshoot complex sign in token MFA PRT and policy enforcement issues with minimal user disruption

• Hands on deployment and administration of CyberArk components: Vault PSM CPM Secrets Management
• Onboard privileged accounts across servers databases network cloud and service identities
• Enforce least privilege credential rotation session recording and approval workflows
• Integrate CyberArk with Microsoft Entra ID for identity driven privileged access.
• Monitor privileged access activity and investigate suspicious or non compliant usage.
• Support PAM audits regulatory reviews and emergency access scenarios (break glass)

• Implement identity and access controls for AI and GenAI platforms (e.g. Microsoft Copilot enterprise AI workloads)
• Secure:
  • AI service identities and service principals
  • API access and automation credentials
  • AI training and inference access pipelines
• Align IAM PAM controls with enterprise AI governance model risk and data protection standards

• Implement IAM and PAM controls aligned with Financial services regulatory expectations and Internal risk & audit frameworks
• Support audits and compliance reviews (e.g. access evidence privileged access reports)
• Design and maintain audit ready documentation including:
  • Architecture diagrams
  • Policy definitions
  • Access workflows and operational procedures
• Participate in identity related incident response RCA and remediation activities

• Lead IAM/PAM implementations from design through production rollout
• Work closely with Security leadership Risk & compliance teams Application owners Auditors and regulators (as required)
• Provide clear pragmatic recommendations balancing security usability and regulatory compliance
• Act as a trusted technical advisor to clients in high stakes environments

• 8 15 years of IAM / Security engineering experience in regulated environments
• Strong hands on experience with:
  • Microsoft Entra ID (Azure AD)
  • CyberArk PAM (Vault PSM CPM Secrets)
• Conditional Access MFA Passwordless RBAC
• SAML OAuth 2.0 OpenID Connect
• Production troubleshooting in large enterprise environments

• Experience supporting financial services banking insurance or similarly regulated clients
• Exposure to audit compliance or risk workflows related to identity and privileged access
• Comfort operating under strict change management and approval processes

• Identity Governance (PIM Access Reviews)
• SIEM integrations (Azure Sentinel Splunk)
• PowerShell / automation for IAM & PAM
• Zero Trust architecture implementation experience

• Strong hands on engineering mindset (not architecture only).
• Process driven mindset with strong documentation discipline.
• Pragmatic problem solver with strong risk awareness
• Excellent client communication and stakeholder management skills. Clear communication with technical and business stakeholders.
• Ability to build long term trusted relationships.
• Calm and methodical approach in high impact production incidents. Ability to support incidents under pressure

• Microsoft SC 300 / AZ 104 / AZ 900
• CyberArk PAM certifications
• Security or identity related certifications (preferred)