Senior Identity and Access Management Engineer

The Senior IAM Engineer will play a key role in designing, implementing, and operating enterprise identity and access management capabilities across Microsoft Entra  the organization's credential management systems to include PKI. This role requires deep technical expertise, hands-on engineering experience, and the ability to translate business and security requirements into secure, automated identity controls.

1. Microsoft Entra Identity Services

• Design, implement, and maintain secure SSO integrations for SaaS and on-prem applications using SAML, OIDC, and OAuth
  2.
• Lead the automation of user provisioning and deprovisioning workflows via Entra  SCIM-based integrations.
• Develop and manage access reviews, entitlement management, and least-privilege policies using Microsoft Entra and Azure AD Identity Governance.
• Implement and maintain conditional access policies, MFA configurations, and group-based access controls.
• Collaborate with application owners and security teams to ensure consistent identity lifecycle management across hybrid cloud environments.

2. PKI and Credential Management

• Design, implement, and operationalize enterprise PKI infrastructure, including certificate authorities, registration authorities, and certificate templates.
• Enhance and automate certificate enrollment, renewal, and revocation workflows across servers, applications, and end-user devices.
• Integrate certificate-based authentication (CBA) with identity platforms and endpoint management systems.
• Develop policies and processes for credential issuance, rotation, and lifecycle management.
• Support audit and compliance requirements related to certificate and credential management.

Qualifications

• Bachelor's degree in Computer Science, Cybersecurity, or related field (or equivalent experience).
• 5-8 years of experience in IAM engineering or related security infrastructure roles.
• Deep knowledge of Microsoft Entra  (Azure AD), identity protocols (SAML, OIDC, OAuth2), and lifecycle management best practices.
• Experience implementing Entra  Governance features (access reviews, entitlement management, PIM).
• Strong expertise with PKI technologies (Microsoft ADCS, cloud-based CAs, HSM integration, CRLs, and certificate automation).
• Familiarity with modern credential management tools (e.g., Venafi, Keyfactor, Hashi Corp Vault, or Azure Key Vault).
• Hands-on scripting experience (Power Shell, Python, or similar) for automation and API integrations.
• Working knowledge of security and compliance standards such as NIST, ISO 27001, and Zero Trust Architecture.

Preferred Skills

• Experience with identity federation and hybrid cloud IAM architectures.
• Prior experience integrating Entra
  
  ID (or other IDP) with SAP GRC Access Management and/or SAP IAS.
• Knowledge of device identity, machine certificates, and code-signing processes.
• Strong troubleshooting and documentation skills.
• Strong Microsoft based skills as it relates to IAM.
• Relevant certifications such as Microsoft Certified:
  Identity and Access Administrator (SC-300), CISSP, or similar.

Success in this Role

• Streamlined identity life cycles with measurable improvements in provisioning efficiency and access compliance.
• Automated certificate management processes reducing human intervention and outages.
• Strengthened identity security posture aligned with Zero Trust principles.

Chobani is a food maker with a mission of making high-quality and nutritious food accessible to more people, while elevating our communities and making the world a healthier place. In short: making good food for all. In support of this mission, Chobani is a purpose-driven, people-first, food-and-wellness-focused company, and has been since its founding in 2005 by Hamdi Ulukaya, an immigrant to the U.S. The Company manufactures yogurt, oat milk, and creamers - Chobani yogurt is America's No.1 yogurt brand, made with natural ingredients without artificial preservatives.

Following the 2023 acquisition of La Colombe, a leading coffee roaster with a shared commitment to quality, craftmanship and impact, the Company began selling cold-pressed espresso and lattes on tap at cafes nationwide, as well as Ready to Drink (RTD) coffee beverages  2025, Chobani acquired Daily Harvest, a modern brand offering consumers nutritious, delicious and convenient ready-to-make meals.

Chobani uses food as a force for good in the world - putting humanity first in everything it does. The company's philanthropic efforts prioritize giving back to its communities and beyond. Chobani manufactures its products inNew York,Idaho,Michigan and Australia, and its products are available throughout

North America and distributed in Australia and other select markets.

For more information, please visit or follow us on Facebook, Twitter, Instagram and Linked In.

Chobani is an equal opportunity employer. Chobani will not discriminate against any applicant for employment on any basis including, but not limited to race, color, religion, sex, sexual orientation, gender identity,…