Sr. IAM Engineer

At Customers Bank, we believe in working hard, working smart, working together to deliver memorable customer experiences and having fun. Our vision, mission, and values guide us along our path to achieve excellence. Passion, attitude, creativity, integrity, alignment, and execution are cornerstones of our behaviors. They define who we are as an organization and as individuals. Everyone is encouraged to have personal development plans. By doing so, our team members are on their way to achieve their highest potential and be successful in their personal and professional lives.

Must be legally eligible to work in the United States without sponsorship, now or in the future, to be considered.

Who is Customers Bank?

Founded in 2009, Customers Bank is a super-community bank with over $22 billion in assets. We believe in dedicated personal service for the businesses, professionals, individuals, and families we work with.

We get you further, faster. 

Focused on you: We provide every customer with a single point of contact. A dedicated team member who’s committed to meeting your needs today and tomorrow.

On the leading edge: We’re innovating with the latest tools and technology so we can react to market conditions quicker and help you get ahead.

Proven reliability: We always ground our innovation in our deep experience and strong financial foundation, so we’re a partner you can trust.

What You’ll Do:

We are seeking a Senior Identity and Access Management (IAM) Engineer to lead the evolution of our identity infrastructure. This highly visible, hands-on role will serve as the Global Administrator for both our on-premises Active Directory and Microsoft Entra ID (Azure AD) environments. You will be instrumental in consolidating multiple Entra ID tenants, enforcing identity governance policies, and ensuring secure and compliant access across all systems.

The position reports to the Enterprise Architecture Lead to ensure alignment with long-term platform strategy and cloud transformation initiatives.

Identity Infrastructure & Operations

• Serve as Global Admin across multiple Entra ID tenants and on-prem AD forests/domains.
• Lead the consolidation of Entra ID instances into a single, unified cloud identity platform.
• Manage and maintain Azure AD Connect / Entra Connect Sync for hybrid identity synchronization.

Security & Governance

• Implement and enforce identity security policies including MFA, Conditional Access, Privileged Identity Management (PIM), and RBAC.
• Align IAM controls FFIEC, SOX, GLBA, and internal compliance standards.
• Support audits and deliver access reviews, remediation plans, and IAM-related evidence.

Integration & Support

• Implement and support Single Sign-On (SSO) integrations across internal enterprise apps and SaaS platforms using SAML, OIDC, and OAuth.
• Design and manage Azure AD B2C tenants for external user access to customer- or partner-facing applications.
• Collaborate with Exchange Admins, Microsoft 365 Teams, and Security to ensure smooth directory integration across platforms.
• Provide identity support for cloud migration projects, applications, and endpoint access.
• Troubleshoot complex identity and authentication issues and serve as the escalation point for IAM incidents.

Monitoring & Automation

• Maintain and monitor directory health, synchronization jobs, user provisioning/deprovisioning, and license assignment.
• Automate tasks and create audit reports using PowerShell and Microsoft Graph API.
• Maintain documentation on identity architecture, configurations, policies, and operational runbooks.

What Do You Need?

• 5+ years of experience in Active Directory and Entra ID / Azure AD administration in hybrid enterprise environments.
• Strong knowledge of identity lifecycle, directory synchronization, Group Policy, and IAM security models.
• Hands-on experience with Azure AD Connect, MFA, PIM, Conditional Access, and PowerShell scripting.
• Proven ability to lead identity projects, such as tenant consolidation, cloud migrations, and IAM modernization.

Preferred:

• Familiarity with Exchange Online, Hybrid Exchange, and Microsoft 365 identity services.
• Experience in regulated industries (banking, finance, healthcare).
• Knowledge of Zero Trust frameworks and privileged access management practices.
• Exposure to Entra ID Governance or Identity Protection features.
• Strong sense of ownership and accountability
• Clear and effective communicator with both technical and non-technical teams
• Comfortable in a fast-paced, evolving environment with shifting priorities

Certifications (preferred but not required)

• Microsoft Certified: Identity and Access Administrator Associate (SC-300)
• Microsoft Certified: Entra ID Administrator
• CISSP, Azure Security Engineer Associate, or equivalent

Customers Bank is an equal opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

We also provide “reasonable accommodations”, upon request, to qualified individuals with disabilities, in accordance with the Americans with Disabilities Act and applicable state and local laws. 

Diversity Statement:

At Customers Bank, we believe in working smart, working together, and having fun while delivering innovative solutions and memorable experiences for our customers. We are committed to the continual advancement of a culture which reflects the value we place on diversity, equity, and inclusion. We honor the diverse experiences, perspectives, and identities of our team members, and we recognize that it is their passion, creativity, and integrity that drives our success. Step into your future with us! Let’s take on tomorrow.