Identity and Access Management Engineer II

4 hours ago

Remote friendly (Bridgewater, NJ)

United States

About The Role
- The Identity and Access Management (IAM) Engineer II is responsible for the implementation, administration, and continuous improvement of enterprise identity services across Active Directory, Microsoft Entra ID, and federated multi-cloud and SaaS platforms.
- Ensures identity systems operate securely, resiliently, compliantly, and in an audit-ready state; enables modern authentication, automated lifecycle management, and least-privilege access.
- Partners with Cybersecurity, Infrastructure & Operations, Enterprise Applications, Computer System Validation (CSV), and Quality Assurance (QA) to maintain a validated identity environment.
- Accountable for centralized identity, authentication, and federation across platforms.

What You’ll Do
- Administer and support Active Directory Domain Services and Microsoft Entra ID (user, group, and device identity management).
- Manage hybrid identity synchronization using Entra ID Connect/Cloud Sync; troubleshoot provisioning and synchronization issues.
- Maintain directory health, replication, security configuration, and access governance; implement SSO using SAML, OIDC, OAuth, and LDAP.
- Configure/manage Conditional Access, MFA, and passwordless authentication; support Privileged Identity Management (PIM) and enforce least-privilege access.
- Implement automated Joiner-Mover-Leaver lifecycle processes and identity governance workflows.
- Maintain federation across AD, Entra ID, AWS, GCP, and enterprise SaaS; troubleshoot authentication/federation/provisioning in hybrid environments.
- Support identity integrations with Workday, ServiceNow, AWS, Microsoft 365, and regulated applications.
- Investigate identity-related alerts; participate in incident response for credential compromise/privileged access misuse; implement Zero Trust-aligned identity security controls.
- Develop/maintain identity disaster recovery (DR) and business continuity; validate backup/restore/failover.
- Develop/maintain automation using PowerShell, Microsoft Graph, or scripting.

Who You Are / Qualifications
- Bachelor’s degree in IT, Computer Science, or related discipline.
- 5+ years supporting enterprise IAM or Directory Services.

You Are Or You Have
- Hands-on Active Directory (users, groups, GPOs, trusts, replication, security administration).
- Hands-on Microsoft Entra ID administration and hybrid identity design.
- Experience implementing SSO, MFA, Conditional Access, and identity lifecycle automation.
- Working knowledge of authentication/federation protocols (SAML, OAuth, OIDC, LDAP).
- Experience with Entra Connect or Cloud Sync for hybrid identity.
- Hands-on identity federation support across AD, Entra ID, AWS, and GCP.
- Experience supporting identity security operations, incident response, or resilience planning.

Nice To Have (but Not Required)
- Experience with Okta and Microsoft Entra ID.
- Experience in life sciences/pharmaceutical or other GxP-regulated environments.
- Familiarity with Microsoft 365 security and compliance.
- Experience automating identity workflows using PowerShell or Microsoft Graph API.
- Microsoft certifications (e.g., Identity and Access Administrator Associate, Azure Administrator Associate, Windows Server/Active Directory).

Application Instructions
- Current Insmed employees: apply via the Jobs Hub in Workday.

Apply now

Identity and Access Management Engineer II

More jobs

Senior Cloud Architect

AbbVie

Technology Portfolio Management Director

Vertex Pharmaceuticals