IAM Platform Engineer ll- Microsoft/EntraID

Company Details

 

https://www.berkleytechnologyservices.com/

 

Berkley Technology Services (BTS) is the dynamic technology solution for W. R. Berkley Corporation, a Fortune 500 Commercial Lines Insurance Company. With key locations in Urbandale, IA and Wilmington, DE, BTS provides innovative and customer-focused IT solutions to the majority of WRBC’s 60+ operating units across the globe. BTS’s wide reach ensures that ideas and opinions are considered at every level of the organization to guarantee we find the best solutions possible.  

 

Driven by a commitment to collaboration, BTS acts as consultants to our customers and Operating Units by providing comprehensive solutions that not only address the challenge at hand, but proactively plan for the “What’s Next” in our industry and beyond.  

 

With a culture centered on innovation and entrepreneurial spirit, BTS stands as a community of technology leaders with eyes toward the future -- leaders who truly care about growing not only their team members, but themselves, and take pride in their employees who shine. BTS offers endless ways to get involved and have the chance to grow your career into a wide range of roles you'd never known existed. Come join us as we push forward into the future of industry leading technological solutions.  

 

Berkley Technology Services: Right Team, Right Technology, Simple and Secure. 

Responsibilities

We are seeking a dynamic Senior Engineer II - Identity and Access Management (IAM) with a strong background in IAM technologies, including Microsoft EntraID, Okta Auth0, Certificate Lifecycle Management (CLM), and Active Directory. The ideal candidate will actively engage in the planning, architecture, and execution of IAM systems, serving as a pivotal liaison between the organization and key vendors. This role demands a proactive approach to problem resolution, the ability to lead projects, and a commitment to collaborating with project managers and technical teams to deliver customer-centric solutions, including the presentation of design and deployment strategies. This role requires a proactive stance on system provisioning, maintenance, security, and compliance, ensuring alignment with company goals and regulatory standards. Key to the role is the development of policies and procedures that support system integrity, security, and availability, with a focus on identity verification and access control. Strong analytical skills, excellent communication abilities, and professional experience are crucial for success in this position.

 

• Microsoft EntraID, including managing user identities and access to resources in the cloud, implementing and managing Conditional Access policies, automating user provisioning and de-provisioning, integrating with Microsoft 365, Azure, and other SaaS applications, utilizing EntraID for single sign-on (SSO) and multi-factor authentication (MFA), and monitoring and analyzing sign-in logs for security and compliance
• Okta and Auth0 experience: Managing user identities and access, implementing access policies, automating user provisioning, integrating with applications, utilizing SSO and MFA, and implementing adaptive authentication for enhanced security and compliance.

• In-depth knowledge of Active Directory Domain Services
• Certificate Lifecycle Management, including Microsoft PKI management
• Networking services including InfoBlox for DHCP and DNS management
• In-depth experience with Federation, SSO & MFA technologies
• Scripting (PowerShell) / Automation of IAM Practices
• Monitoring and analyzing sign-in logs for security and compliance
• Understanding and ability to communicate the access control mechanisms for REST APIs
• Manage end-user accounts, permissions, access rights, and storage allocations in accordance with best practices regarding privacy, security, and regulatory compliance
• Serve as liaison to vendors to facilitate problem resolution
• Participate in IAM strategy and roadmap for enterprise stakeholders
• Serve as an Engineer on engagements and work directly with Project Management, Account Management, and Customer teams
• Develop the planning, and assist in the implementation of policies and procedures to ensure system provisioning and maintenance is consistent with company goals, industry best practices, and regulatory requirements
• Conduct research on emerging products, services, protocols, and standards in support of systems software procurement and development efforts
• Participate and adhere to defined incident, problem, and change management best practices
• Proficient communication skills particularly across functional technical areas
• Mentor and cross-train other team members in key skill sets
• ITIL Standards: Participate and adhere to defined ITIL standards for incident, request, and change management. 
• Documentation: Document problems and resolutions for future reference, as well as platform configurations and standards. 
• Communication: Maintain excellent communication skills, particularly across functional technical areas. 
• On Call Rotation (PIC) is required

 

Qualifications

• Proficiency in Microsoft EntraID suite
• Experience with Okta and Auth0
• Proficiency in Certificate Lifecycle Management – Microsoft PKI
• Proficiency in Active Directory Domain Services
• Proficiency in Networking services including InfoBlox for DHCP, DNS and IPAM management
• Strong understanding of SSO, SAML, OAuth/OIDC, Conditional Access, MFA, RBAC, and fine-grained authorization
• Proficiency in scripting with PowerShell and Graph API
• Proficient problem-solving skills
• Ability to learn new technologies and applications quickly
• Excellent communication, time management, organization, and planning skills
• Strong communication skills, both written and verbal
• Bachelor’s degree from a four-year college or university or a combination of equivalent education and work experience.
• Relevant certifications such as Microsoft Certified: Identity and Access Administrator Associate (SC-300), CISSP, highly preferred. 

 

 

The Company is an equal employment opportunity employer. 

Sponsorship Details

Sponsorship not Offered for this Role