MatchPoint Solutions is a fast-growing, young, energetic, global IT-Engineering services company with clients across the US. We provide technology solutions to various clients like Uber, Robinhood, Netflix, Airbnb, Google, Sephora, and more! More recently we have expanded to working internationally in Canada, China, Ireland, UK, Brazil, and India. Through our culture of innovation we inspire, build, and deliver business results from idea to outcome. We keep our clients on the cutting edge of the latest technologies and provide solutions by using industry-specific best practices and expertise.
We are excited to be continuously expanding our team. If you are interested in this position, please send over your updated resume. We look forward to hearing from you!
Job Title: Active Directory / Entra ID / IAM Engineer
Location: NYC, Jersey City, or Pittsburgh (2-3 days onsite), Hybrid
12 Months
Rate: $70 - $75 on W2
Responsibilities
Provide day-to-day engineering and operational support for enterprise Active Directory and Entra ID environments supporting large-scale global user populations.
Administer, harden, and support on-premises Active Directory infrastructure, including domain controller build and maintenance, DNS (SRV records), LDAP, Kerberos, NTLM, GPO, OU structure, replication, and directory health.
Support Microsoft Entra ID administration, including Conditional Access, MFA, Identity Protection, Privileged Identity Management (PIM), app registrations, and service principal governance.
Maintain and support hybrid identity environments, including AD Connect configuration, sync operations, failover between data center instances, and PowerShell-based sync troubleshooting.
Administer PKI infrastructure, including certificate authority management, certificate lifecycle, LDAP signing, and certificate installation on domain controllers and services.
Support authentication and access solutions, including SSO, federation (SAML, OIDC, OAuth2), MFA, and privileged access controls.
Perform enterprise application onboarding and integration with identity platforms; troubleshoot authentication, authorization, and provisioning issues.
Execute platform hardening aligned with Microsoft cumulative hardening guidance and enterprise security policy - including SMB signing, LDAP signing, Kerberos enforcement, and legacy protocol disablement.
Support audit, compliance, and vulnerability remediation activities; respond to security findings from scanning tools such as Rapid7, Nessus, or CrowdStrike.
Partner with infrastructure, cybersecurity, and application teams to deliver identity-related changes and service improvements.
Develop and maintain runbooks, operational documentation, and support procedures; train follow-the-sun operations teams on repeatable workflows.
Participate in on-call rotations, after-hours change windows, and incident response, including major incident bridge management.
Use PowerShell, Python, and Microsoft Graph / Entra APIs to automate operational tasks and improve efficiency.
Required Skills & Experience
8 years of hands-on experience administering and supporting enterprise Active Directory - including building, hardening, and directly owning domain controllers.
Knowledge of AD fundamentals: Kerberos and NTLM authentication protocols, DNS (SRV records), LDAP and LDAP signing, GPO design, replication, forest/domain architecture, and DC security hardening.
Strong experience with Microsoft Entra ID, including Conditional Access, MFA, Identity Protection, PIM, app registrations, and service principal governance.
Hands-on experience with AD Connect in high-availability configurations, including multi-data-center failover, sync troubleshooting, and PowerShell-based sync commands.
Experience supporting hybrid identity environments across on-premises Active Directory and Microsoft Entra ID.
Working knowledge of PKI infrastructure, including certificate authority administration, LDAP signing, and certificate use cases on domain controllers.
Experience with IAM and PAM platforms such as SailPoint, Okta, and CyberArk.
Proficiency in PowerShell; Python and Microsoft Graph API experience preferred.
Experience with enterprise SIEM platforms (Splunk preferred) for log analysis, dashboard use, and incident triage.
MatchPoint Solutions provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.