Position OverviewNovanta is seeking a skilled Microsoft Identity and Access Management (IAM) Engineer to join our Information Technology team. This mid-level role is responsible for designing, implementing, and maintaining identity and access management solutions across the organization's Microsoft ecosystem. The ideal candidate brings 3-5 years of hands-on experience with Microsoft IAM technologies, a strong security mindset, and a passion for enabling secure, seamless access across a modern enterprise environment.
Position Details:
Job Title: Microsoft Identity and Access Management Engineer
Department: Information Technology
Location: United States (Remote)
Employment Type: Full-Time
Experience Level: Mid-Level (3-5 years)
Reports To: VP of IT
Key Responsibilities:- Design, implement, and maintain Microsoft Azure Active Directory (Azure AD / Entra ID) environments in hybrid and cloud-native configurations.
- Manage user lifecycle processes including provisioning, de-provisioning, and role-based access control (RBAC) assignments.
- Configure and maintain Conditional Access policies, Multi-Factor Authentication (MFA), and Single Sign-On (SSO) solutions.
- Administer Microsoft Privileged Identity Management (PIM) and Privileged Access Management (PAM) solutions to enforce least-privilege principles.
- Integrate SaaS applications and on-premises systems with Azure AD using SAML, OAuth 2.0, and OpenID Connect protocols.
- Monitor identity infrastructure for threats, anomalies, and compliance gaps using Microsoft Defender for Identity and Microsoft Sentinel.
- Support and manage on-premises Active Directory environments, Group Policy, and hybrid identity configurations (Azure AD Connect / Entra Connect).
- Collaborate with security, compliance, and application teams to ensure IAM policies meet regulatory requirements including SOX, HIPAA, and GDPR.
- Develop and maintain documentation, runbooks, and standard operating procedures for IAM systems and processes.
- Troubleshoot identity-related incidents, service requests, and access issues in a timely and structured manner.
- Participate in IAM roadmap planning, architecture reviews, and continuous improvement initiatives.
Required Qualifications:- 3-5 years of experience in identity and access management, with a strong focus on Microsoft technologies.
- Hands-on expertise with Azure Active Directory / Microsoft Entra ID, including tenant management and identity governance.
- Proficiency in managing on-premises Active Directory and hybrid identity environments.
- Experience designing and implementing SSO integrations using SAML, OAuth 2.0, and OpenID Connect.
- Familiarity with Microsoft Privileged Identity Management (PIM) and Conditional Access policy configuration.
- Practical knowledge of MFA solutions, including Microsoft Authenticator and FIDO2 security keys.
- Experience with PowerShell scripting for IAM automation, reporting, and administration tasks.
- Solid understanding of Zero Trust security principles and their practical application to identity and access management.
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or equivalent professional experience.
Preferred Qualifications:- Microsoft certifications such as SC-300 (Microsoft Identity and Access Administrator Associate), AZ-500, or MS-500.
- Experience with Microsoft Entra Verified ID, Entitlement Management, or Identity Governance features.
- Familiarity with third-party PAM or IGA tools such as CyberArk, SailPoint, or Saviynt.
- Experience with SIEM platforms, particularly Microsoft Sentinel, for identity threat detection and response.
- Knowledge of compliance frameworks including SOX, HIPAA, NIST Cybersecurity Framework, and ISO 27001.
- Exposure to DevSecOps practices and integration of IAM controls into CI/CD pipelines.
Salary:- Competitive base salary commensurate with experience, plus annual performance bonus.
- The salary for this role will range from 101,100 USD to 161,800 USD annual based on full-time employment. Salary offers are based on a wide range of factors including but not limited to location, relevant skills, training, experience, education, etc.
- Certain roles may be eligible for performance-based incentive compensation and/or long-term incentives. Incentives could be discretionary or non-discretionary depending on the plan.
- Novanta supports all aspects of your life's needs. This position provides a full range of medical, financial, and other benefits to make your quality of life better
Comprehensive health benefits including medical, dental, and vision insurance.
401(k) retirement plan with company match.
Generous paid time off, company holidays, and flexible scheduling.
Remote or hybrid work flexibility based on role and team needs.
Ongoing professional development support, including funding for certifications and training.
Collaborative, inclusive culture driven by innovation and continuous improvement.
The opportunity to work with cutting-edge technology at a global precision medicine and motion company.
