NEWPosted 4 hours ago

Job ID: JOB_ID_8253

Role: IAM Security Architect

Duration: 12 months

Location: New York, NY or Pittsburgh, PA (4 days onsite required weekly from day one)

Visa: US Citizen or Green Card Holder

Interview: Video

Requirement: Need LinkedIn ID!!!

Azure Native Tooling (Primary):

  • Identity & Access: Microsoft Entra ID (Azure AD), PIM, Conditional Access, Authentication Strengths, RBAC, Managed Identities
  • Threat Protection: Entra ID Protection, Microsoft Defender for Identity, Microsoft Defender XDR signals
  • SIEM/SOAR: Microsoft Sentinel (Log Analytics, Workbooks, Playbooks/Logic Apps)
  • Posture & Policy: Azure Policy, Azure Blueprints, Azure Automation
  • Secrets & Crypto: Azure Key Vault (FIPS 140-2), Key Vault HSM (as applicable)
  • Monitoring/Telemetry: Azure Monitor, Sign-In/Audit Logs, Diagnostic Settings, Activity Logs

Required Qualifications:

  • 7+ years in security engineering/architecture, with 3+ years focused on IAM in Azure using native tooling.
  • Deep hands-on experience with Entra ID (Azure AD), RBAC, PIM, Conditional Access, Managed Identities, and Key Vault, including policy design and enforcement at scale.
  • Practical knowledge of FedRAMP baselines (Moderate/High), NIST SP 800-53 control families, and audit/assessment processes; experience contributing to SSP/ConMon evidence.
  • Strong proficiency in Azure Policy/Blueprints and policy-as-code approaches; experience embedding controls into CI/CD.
  • Ability to design high-fidelity detections and automate incident response for identity threats using Sentinel and Logic Apps.
  • Excellent documentation and communication skills for control narratives, runbooks, access governance procedures, and executive status reporting.
  • Bachelors degree in Information Security, Computer Science, Information Systems, or related field; equivalent experience considered.

Preferred Qualifications:

  • Experience operating in Azure Government or GCC High tenants and understanding telemetry/control nuances in those environments.
  • Background in Zero Trust principles, privileged identity strategy, and secure service-to-service authentication patterns.
  • Familiarity with Microsoft Purview and data access governance for sensitive workloads.
  • Scripting/automation skills (KQL, PowerShell, Bicep/Terraform basics) to manage identities, enforce policies, and generate evidence.
  • Certifications: AZ-500 (Azure Security Engineer Associate), SC-300 (Identity and Access Administrator), SC-200 (Security Operations Analyst), CISSP/CCSP, or equivalent.

Special Requirements

Must show his Card on Video Call, 4 days onsite required weekly from day one, US Citizen or Green Card Holder

Compensation & Location

Salary: $130,000 – $170,000 per year (Estimated)

Location: New York, NY

Recruiter / Company – Contact Information

Email: joo@tekpyramids.com

Interested in this position?
Apply via Email

Recruiter Notice:
To remove this job posting, please send an email from
joo@tekpyramids.com with the subject:

DELETE_JOB_ID_8253

to delete@join-this.com.