Note: The job is a remote job and is open to candidates in USA. Repligen Corporation is seeking a highly skilled and results-driven Senior Identity & Access Management (IAM) Engineer to join their Global Infrastructure & Operations organization. This role is responsible for the design, implementation, administration, and continuous improvement of enterprise identity, authentication, access management, identity governance, and Public Key Infrastructure (PKI) services across a global environment.
Responsibilities
- Own the administration, engineering, governance, and continuous improvement of enterprise identity and access management services
- Serve as the primary technical owner for Microsoft Entra ID and related identity platforms
- Design, implement, and support authentication and authorization solutions across cloud and on-premises environments
- Administer and maintain Conditional Access policies, Multi-Factor Authentication (MFA), Identity Protection, passwordless authentication, and modern access management solutions
- Design and support Single Sign-On (SSO) integrations utilizing SAML, OAuth, OpenID Connect, LDAP, Kerberos, and SCIM technologies
- Manage enterprise application onboarding, identity integrations, access provisioning, and entitlement management processes
- Partner with HR, Infrastructure, and application owners to design and automate Joiner, Mover, and Leaver (JML) processes
- Implement and maintain role-based access controls (RBAC), access governance standards, segregation of duties, and least-privilege access models
- Administer Privileged Identity Management (PIM), privileged access controls, privileged account governance, and delegated administration models
- Conduct access reviews, entitlement reviews, and certification activities to ensure appropriate access to systems and applications
- Administer and maintain enterprise Public Key Infrastructure (PKI), including certificate authorities, certificate lifecycle management, issuance, renewal, revocation, and governance
- Manage digital certificates supporting users, devices, applications, servers, network infrastructure, and cloud services
- Support certificate-based authentication, passwordless authentication, and device trust technologies across enterprise platforms
- Partner with Network Engineering teams to support secure wired, wireless, VPN, remote access, and device authentication services
- Monitor identity, authentication, PKI, and NAC platform health while proactively identifying and addressing operational issues
- Develop automation using PowerShell, Microsoft Graph, and related technologies to improve provisioning, governance, monitoring, and reporting processes
- Build and maintain operational dashboards, metrics, and reporting related to identity health, access governance, compliance, and platform performance
- Support compliance, audit, and regulatory requirements through evidence collection, reporting, and control validation
- Partner with Cybersecurity teams to implement secure identity controls aligned with Zero Trust principles and enterprise security standards
- Participate in incident response, root cause analysis, and remediation activities related to identity, authentication, and access management services
- Create and maintain technical documentation, architecture diagrams, operational runbooks, and support procedures
- Evaluate emerging identity, authentication, PKI, and access management technologies and recommend improvements that enhance security, scalability, and user experience
- Provide technical guidance and mentorship to IT teams and application owners regarding identity and access management best practices
Skills
- Bachelor's degree in Information Technology, Computer Science, Information Systems, Cybersecurity, or a related field, or equivalent experience
- Minimum of 7 years of hands-on experience supporting Identity and Access Management technologies in a medium or large enterprise environment
- Deep expertise with Microsoft Entra ID, including Conditional Access, Identity Protection, Multi-Factor Authentication, Identity Governance, and access lifecycle management
- Strong experience implementing and supporting Single Sign-On technologies, including SAML, OAuth, OpenID Connect, LDAP, Kerberos, and SCIM provisioning
- Experience designing and supporting automated Joiner, Mover, and Leaver (JML) processes and identity lifecycle management workflows
- Hands-on experience with Privileged Identity Management (PIM), role-based access controls, access reviews, entitlement management, and access certification processes
- Experience integrating enterprise SaaS platforms such as Microsoft 365, ServiceNow, Workday, SAP, Concur, Salesforce, MasterControl, and similar business applications
- Strong experience with Microsoft Active Directory and hybrid identity environments
- Experience administering enterprise Public Key Infrastructure (PKI), including Microsoft Active Directory Certificate Services (AD CS), certificate lifecycle management, and certificate-based authentication
- Strong understanding of modern identity architecture, authentication protocols, Zero Trust principles, passwordless authentication, device trust, and identity-centric security models
- Strong PowerShell scripting and automation experience
- Experience utilizing Microsoft Graph API and related automation frameworks for identity administration and governance
- Working knowledge of compliance controls, audit requirements, and identity governance best practices
- Strong analytical, troubleshooting, communication, and documentation skills
- Experience supporting global and geographically distributed organizations
- Experience supporting modern identity security platforms such as Beyond Identity, Okta, Duo, Ping Identity, CyberArk, SailPoint, Saviynt, or similar technologies is highly desirable
- Microsoft certifications such as SC-300 (Identity and Access Administrator), SC-100 (Cybersecurity Architect), or equivalent certifications are highly desirable
Benefits
- Employees are eligible to participate in one of our variable cash programs (bonus or commission)
- Eligible roles may receive equity as part of the compensation package
- Paid time off
- Health/dental/vision
- Retirement benefits
- Flexible spending accounts
Company Overview
Company H1B Sponsorship