IAM Engineer; Specialized Consultant - III

Overview

Position Title: IAM Engineer (Specialized Consultant - III)

Location: Onsite = (Richmond, VA / Boston, MA / New York City, NY / Philadelphia, PA / Cleveland, OH / Atlanta, GA / Chicago, IL / St. Louis, MO / Minneapolis, MN / Kansas City, MO / Dallas, TX / San Francisco, CA).

Work Status: USC / GCH (3 years green card holder)

Position Status: 1 year contract w/ possible extension or be brought on PERM.

Pay Rate: depend upon the experience

Client: Federal Reserve Bank of Richmond

Location: Onsite = (Richmond, VA / Boston, MA / New York City, NY / Philadelphia, PA / Cleveland, OH / Atlanta, GA / Chicago, IL / St. Louis, MO / Minneapolis, MN / Kansas City, MO / Dallas, TX / San Francisco, CA).

Overview: Our client is looking for an Identity and Access Management Engineer for an onsite position based out of Richmond, VA. They are the nation s central bank, and you’ll play a key role, collaborating with leading tech professionals to strengthen and protect our economic, financial and payments systems. They invest in contemporary and emerging technology each year to support the Federal Reserve and our economy and are building a dynamic team for the future.

Position

Description:

The Identity and Access Management (IAM) Engineer plays a critical role in modernizing the organization’s identity and directory services as we transition from a traditional, on-premises Active Directory (AD)–centric model to a cloud-first identity architecture. This role leads and supports initiatives to simplify, consolidate, and rationalize AD infrastructure while reducing reliance on legacy directory services in favor of modern cloud identity platforms such as Microsoft Entra  position blends hands-on engineering, architecture design, and cross-team collaboration to deliver secure, scalable, and resilient identity services aligned with Zero Trust principles and cloud transformation objectives.

Responsibilities:

• Lead the modernization, consolidation, and rationalization of Active Directory environments, including domain and forest design, trust models, and directory hygiene initiatives.
• Design and implement strategies to reduce organizational dependence on Active Directory by shifting authentication, authorization, and identity governance workloads to cloud-native platforms (e.g., Microsoft Entra ).
• Partner with security, infrastructure, and application teams to enable modern authentication methods such as passwordless authentication, phishing-resistant MFA, and conditional access, while minimizing the use of legacy authentication protocols.
• Provide technical leadership during migrations to colocation or cloud-adjacent environments, ensuring directory services remain secure, resilient, and supportable throughout transition phases.
• Define and document target-state identity architectures, design standards, and migration roadmaps aligned with Zero Trust and cloud security principles.
• Serve as a trusted technical advisor to stakeholders by translating complex identity and directory challenges into actionable solutions and implementation plans.
• Contribute to operational excellence by improving automation, monitoring, and lifecycle management of identity services.

Required Qualifications:

• Strong hands-on experience with Microsoft Active Directory, including domain and forest architecture, Group Policy, DNS integration, trusts, and identity lifecycle management.
• Demonstrated experience designing, implementing, or operating hybrid identity solutions involving Active Directory and Microsoft Entra  (Azure AD).
• Practical knowledge of modern cloud identity concepts, including conditional access, identity governance, least-privilege access, and Zero Trust architectures.
• Solid understanding of authentication and authorization protocols such as Kerberos, LDAP, SAML, OAuth 2.0, and OpenID Connect, including their modern cloud implementations.
• Experience collaborating across infrastructure, security, and application teams within complex enterprise environments.
• Strong documentation and communication skills, with the ability to produce clear architecture diagrams, design documentation, and implementation guidance.
• Familiarity with enterprise-scale…