Lead Cloud IAM Engineer
Listed on 2026-03-12
Engineering
Systems Engineer, Cybersecurity
Mission
The IAM team at needs a Lead Cloud IAM Engineer to design, build, and operate enterprise identity and directory capabilities across Microsoft Entra (Azure AD), on-premises Active Directory, and select GCP identity integrations. This role blends deep engineering execution (automation, scripting, integration, troubleshooting) with architecture/design contributions and technical leadership including leading complex initiatives spanning multiple lines of business. The ideal candidate is a strong communicator who can translate technical detail into clear outcomes, partner effectively across teams, and drive delivery from concept through production.
Must Haves
- 6+ years of extensive hands‑on engineering experience with Microsoft Entra (Azure AD) and Active Directory in enterprise environments
- Hybrid identity and integration components such as Entra/Azure AD Connect sync
- 6+ years of experience with strong scripting & automation capability (PowerShell and/or Python strongly preferred), with demonstrated ability to productionize scripts (logging, error handling, modularity, testing approach)
- 4+ years of Identity & Access Management experience
- Experience implementing identity security capabilities such as Conditional Access, privileged access workflows (e.g., PIM), and tenant/directory hardening.
- Demonstrated ability to lead complex projects across multiple teams/lines of business, including planning, sequencing dependencies, and driving delivery.
- Excellent written and verbal communication skills, including the ability to explain tradeoffs and influence outcomes.
- Hands‑on Engineering & Operations (Primary responsibility)
- Communication & Cross‑LOB Delivery (Critical) – serve as a technical lead who communicates clearly with engineering peers, security partners, and non‑technical stakeholders; produce crisp documentation and decision records.
- Automation, Scripting, and Development – build and maintain automation for identity operations and controls using strong scripting (e.g., PowerShell/Python) and engineering best practices.
- Develop and maintain Infrastructure‑as‑Code / automation assets, including IAM Terraform module development and reusable patterns for identity integrations.
- Architecture, Design, and Solution Leadership – contribute to solution architecture and design artifacts and partner with stakeholders to create secure, scalable identity designs (conceptual→logical→physical where needed)
- Engineer and operate hybrid identity solutions spanning on‑prem AD and Entra, supporting a broad set of enterprise applications and services.
- Implement and maintain key identity platform capabilities such as:
  - Entra / Conditional Access policies, named locations, and identity security controls
  - Azure AD Connect / Entra Connect sync including identity lifecycle and sync process improvements
  - Privileged Identity Management (PIM) eligibility/workflows for Entra, groups, and resources
  - Entra Protection / Smart Lockout and related tenant hardening
  - Kerberos / SSO capabilities including Azure Cloud Kerberos Trust where applicable
- Deliver directory services engineering including GPO administration, schema administration, and secure operational practices aligned to identity risk reduction
- Provide engineering support for security logging/monitoring and resilience planning (e.g., cyber resiliency/BCP playbooks/exercises) across AD & Entra.
- Perform technical reviews of changes that could enable lateral movement or privileged takeover (e.g., enterprise/domain admin/global admin risk paths) and implement mitigations.
- Provide consulting and technical guidance to partner engineering teams (e.g., collaboration platforms, cloud teams, product teams) to enable secure identity outcomes.
- Drive alignment and coordination across multiple stakeholders to deliver outcomes without sacrificing security posture.
- Familiarity with identity‑related security tooling and control implementations (e.g., identity monitoring/defense and IAM control reviews)
- Experience with Terraform and reusable module development for identity/IAM capabilities
- Experience producing architecture/design artifacts and partnering with architecture or technical authority functions
Skills:
iam, enterprise, security, cloud, architecture, access, automation, design, azure, teams.