Optomi, in partnership with a reputable university, is looking to hire 2 Identity Security Engineers to mature a EntraID and On-prem AD environment! This is a junior to mid-level EntraID /Active Directoy role.
The Identity Security Engineer will support and administer enterprise identity infrastructure focused on Microsoft Entra ID and on-premises Active Directory. This role is ideal for someone transitioning into a mid-level identity security position who has hands-on administrative experience with identity platforms and wants to deepen their expertise in enterprise IAM environments.
You will help manage identity services for a large-scale environment (~40,000 users) and work closely with infrastructure and security teams to maintain secure authentication, access management, and identity governance across the organization.
The team supports identity and directory services across a large enterprise environment and operates primarily within Central Time Zone collaboration hours.
Key Responsibilities
- Administer and support Microsoft Entra ID (Azure AD) and on-premises Active Directory environments.
- Configure and manage Single Sign-On (SSO) integrations across enterprise applications.
- Implement and maintain Conditional Access policies and MFA configurations .
- Support identity integrations such as B2B federation and application connectors .
- Maintain directory services and identity infrastructure supporting large enterprise environments.
- Assist in configuration and administration of Privileged Access Management (PAM) solutions such as CyberArk .
- Collaborate with infrastructure, cloud, and security teams to integrate identity systems across platforms.
- Support authentication and access control processes across the identity ecosystem.
- Participate in operational support and improvement of identity security controls.
Required Qualifications
- 2+ years of hands-on experience with Microsoft Entra ID and on-premises Active Directory.
- Experience administering identity platforms in enterprise environments.
- Experience configuring SSO integrations and Conditional Access policies .
- Experience implementing or supporting Multi-Factor Authentication (MFA) .
- Experience working in environments supporting at least 500-1,000+ users (larger environments preferred).
- 5+ years of overall experience in infrastructure, security, or systems administration roles.
- Strong understanding of identity and access management fundamentals.
Nice to Have
- Experience with CyberArk or other Privileged Access Management (PAM) platforms.
- Exposure to AWS IAM or other cloud identity platforms .
- Experience with PowerShell automation .
- Familiarity with PKI or certificate-based authentication .
- Knowledge of authentication protocols such as Kerberos or RADIUS .
