The Identity and Access Management (IAM) Staff Engineer plays a critical role in safeguarding enterprise systems and data by ensuring secure, efficient, and compliant access to digital resources. As IAM Staff Engineer you will play a pivotal role in the implementation, and management of best-in-class Identity Governance and Administration (IGA) solutions and engineering modern identity and access management (IAM) solutions. You will enable a more secure Enterprise where the right people have access to the right resources at the right time. You will have an opportunity to work in all aspects of identity from Identity Governance and Administration (IGA) to single sign on, access management, lifecycle workloads entitlements, and managing identity and access management solutions across Pediatrix.

• Designs, develops, tests, implements, and integrates Identity and Access Management (IAM) systems and solutions
• Drives the execution and continuous improvement of Identity and Access Management (IAM) controls technology. This includes, but isn't limited to, administration, configuration of IAM/SSO technology, designing and implementing access provisioning and de-provisioning workflows, enabling thorough entitlement reviews and access recertification, implementing and optimizing role-based authorization, ensuring segregation of duties based on business rules, and enabling robust computer user account management.
• Ensures that solutions protect information resources against unauthorized use, inappropriate degrees of access, disclosure, damage and/or loss
• Ensures the maintenance, patching, operating, and monitoring of IAM systems to ensure high levels of availability, security, and performance.
• Troubleshoots, supports and resolves system incidents, problems and changes
• Assists in onboarding new applications and creates custom workflows, rules, and reports based on business requirements
• Creates documentation of process, guidelines, standards, technical specifications, as well as drawing network & system architecture diagrams
• Leads solution design, proof-of-concept development, and full implementation for new features.
• Configure and optimize Single Sign-On (SSO), Multi-Factor Authentication (MFA), and passwordless authentication using Microsoft Entra ID.
• Implement and manage authentication protocols (SAML, OAuth 2.0, OpenID Connect, Kerberos, NTLM, LDAP).
• Participate in afterhours activities as required for implementations, system outages and support.
• Architect, design, and implement Microsoft Entra ID and Active Directory environments. Includes Entra ID components such as tenant configurations and hardening, IGA, MFA, SSO and IDP migrations, conditional access, B2B and B2C
• Performing technical health checks for the AD/Entra ID platforms/environments prior to broader deployments, supporting proof of concept and production deployments of Entra ID and AD.
• Leading transition to Microsoft Entra ID services such as service configuration, Azure B2B, B2C including SAML, OAUTH, OpenID Connect protocols, migrating applications (legacy platforms or other) to Entra ID as the IDP, cleaning up the Active Directory environment, domain clean-up activities including, privileged groups and service accounts management, configuration and delivery of Entra ID and AD security and compliance reports and advanced threat protection capabilities such as Defender for Identity, manage/migrate/deploy their LDAP environments including application integration, server upgrades and patching, prepare their Active Directory DR plans and perform regular DR trial runs.
• Performs other related duties as assigned.

Qualifications:

• Bachelor’s in Computer Science, Information Security, or equivalent experience.
• 7–9 years in Identity & Access Management (IAM).

Technical Skills:

• Expertise in IAM frameworks, PAM, and authentication protocols (SAML, OAuth 2.0, OpenID Connect, LDAP, Kerberos).
• Deep knowledge of Microsoft Entra ID (Azure AD), AD, Azure AD Connect, Conditional Access, and Azure AD B2B/B2C.
• Strong grasp of Zero Trust and RBAC models.

Tools & Technologies:

• Experience with Entra ID, NetIQ, CyberArk, ForgeRock, Okta, Ping.
• Familiarity with REST APIs, JSON, RDBMS, GitHub, Jenkins, Eclipse.
• Proficient in JavaScript, Java, PowerShell, Linux shell scripting, and SQL.
• Automation using PowerShell and Microsoft Graph API.

Professional Attributes:

• Thrives in fast-paced, cross-functional environments.
• Innovative, problem-solving mindset.

Preferred Certifications:

• CAMS, CISSP, SC-300.

Take great care of the patient, every day and every way.^TM At Pediatrix & Obstetrix, that’s not only our motto at work each day; it’s also how we view our employees and their families. We know that our greatest asset is YOU.  

We take pride in offering comprehensive benefits in a vast array of plans that fit your life and lifestyle, supporting your health and overall well-being. Benefits offered include, but are not limited to: Medical, Dental, Vision, Life, Disability, Healthcare FSA, Dependent Care FSA and HSAs, as well as a 401k plan and Employee Stock Purchase Program. Some benefits are provided at no cost, while others require a cost share between employees and the company. Employees may also select voluntary plans and pay for these benefits through convenient payroll deductions. Our benefit programs are just one of the many ways Pediatrix & Obstetrix helps our employees take care of themselves and their families.  

Pediatrix Medical Group is one of the nation’s leading providers of highly specialized health care for women, babies and children. Since 1979, Pediatrix has grown from a single neonatology practice to a national, multispecialty medical group. Pediatrix-affiliated clinicians are committed to providing coordinated, compassionate and clinically excellent services to women, babies and children across the continuum of care, both in hospital settings and office-based practices. The group’s high-quality, evidence-based care is bolstered by significant investments in research, education, quality improvement and safety initiatives. 

Please Note: Fraudulent job postings/job scams are becoming increasingly common. All genuine Pediatrix job postings can be found through the Pediatrix Careers site: www.pediatrix.com/careers.

#LI-Remote

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.