Senior IAM Engineer

My client isn’t looking for candidates who have simply operated within large teams. They need a Senior IAM Engineer with genuine technical depth and the communication skills to influence and succeed across the business. Recent candidates have fallen short in these areas, so please only apply if you can clearly demonstrate deep, hands-on expertise across the Microsoft IAM suite, from both an engineering and architectural perspective, as well as real curiosity, ownership, and the ability to operate independently.

My client, a global hedge fund with one of the most advanced technology environments in finance, is building a new IAM capability and looking for a hands-on technologist to lead it.

This isn’t about people management. It’s about engineering.

They need someone who knows Microsoft IAM inside out, Active Directory, Entra ID (Azure AD), ADFS, ADCS and who understands how on-prem and cloud identity systems truly fit together in a hybrid enterprise environment.

You’ll be the technical expert shaping the firm’s authentication and authorization strategy, driving adoption of modern standards, and implementing solutions that make the environment more secure, scalable, and seamless.

What You’ll Do

• Design, implement, and evolve IAM platforms across the Microsoft hybrid stack (Active Directory, Entra ID, ADFS, ADCS).
• Build secure integration between on-prem and cloud identity systems.
• Deploy and tune passwordless and modern authentication technologies (FIDO2, Windows Hello, YubiKeys, Passkeys).
• Drive complex IAM projects end-to-end — from architecture and configuration to troubleshooting and automation.
• Collaborate with infrastructure, application, and security teams to embed identity into everything they build.
• Understand the why behind every implementation, not just the how — and use that insight to continuously improve security posture.

What They’re Looking For

• 7–10 years of hands-on IAM engineering experience in large-scale or regulated environments (finance, enterprise, or big tech).
• Expert-level knowledge of Microsoft IAM technologies: Active Directory, Entra ID (Azure AD), ADFS, ADCS.
• Deep on-prem implementation experience and a solid grasp of hybrid identity models.
• Strong understanding of authentication protocols — Kerberos, PKI, OIDC, FIDO2.
• Curiosity and judgment — someone who asks why before implementing, not just follows instructions.
• Clear communicator who can influence technical peers and explain complex IAM topics simply.

You’ll be the go-to identity expert, shaping how IAM evolves across the firm.

Compensation: $250K–$300K base + bonus + benefits

Hybrid: 3 days onsite in NYC, 2 remote