About this role
Summary
The Senior IAM Engineer will play a key role in designing, implementing, and operating enterprise identity and access management capabilities across Microsoft Entra ID and the organization’s credential management systems to include PKI. This role requires deep technical expertise, hands-on engineering experience, and the ability to translate business and security requirements into secure, automated identity controls.
Responsibilities
1. Microsoft Entra Identity Services
- Design, implement, and maintain secure SSO integrations for SaaS and on-prem applications using SAML, OIDC, and OAuth2.
- Lead the automation of user provisioning and deprovisioning workflows via Entra ID and SCIM-based integrations.
- Develop and manage access reviews, entitlement management, and least-privilege policies using Microsoft Entra and Azure AD Identity Governance.
- Implement and maintain conditional access policies, MFA configurations, and group-based access controls.
- Collaborate with application owners and security teams to ensure consistent identity lifecycle management across hybrid cloud environments.
2. PKI and Credential Management
- Design, implement, and operationalize enterprise PKI infrastructure, including certificate authorities, registration authorities, and certificate templates.
- Enhance and automate certificate enrollment, renewal, and revocation workflows across servers, applications, and end-user devices.
- Integrate certificate-based authentication (CBA) with identity platforms and endpoint management systems.
- Develop policies and processes for credential issuance, rotation, and lifecycle management.
- Support audit and compliance requirements related to certificate and credential management.
Requirements
Qualifications
- Bachelor’s degree in Computer Science, Cybersecurity, or related field (or equivalent experience).
- 5–8 years of experience in IAM engineering or related security infrastructure roles.
- Deep knowledge of Microsoft Entra ID (Azure AD), identity protocols (SAML, OIDC, OAuth2), and lifecycle management best practices.
- Experience implementing Entra ID Identity Governance features (access reviews, entitlement management, PIM).
- Strong expertise with PKI technologies (Microsoft ADCS, cloud-based CAs, HSM integration, CRLs, and certificate automation).
- Familiarity with modern credential management tools (e.g., Venafi, Keyfactor, HashiCorp Vault, or Azure Key Vault).
- Hands-on scripting experience (PowerShell, Python, or similar) for automation and API integrations.
- Working knowledge of security and compliance standards such as NIST, ISO 27001, and Zero Trust Architecture.
Preferred Skills
- Experience with identity federation and hybrid cloud IAM architectures.
- Prior experience integrating EntraID (or other IDP) with SAP GRC Access Management and/or SAP IAS.
- Knowledge of device identity, machine certificates, and code-signing processes.
- Strong troubleshooting and documentation skills.
- Strong Microsoft based skills as it relates to IAM.
- Relevant certifications such as Microsoft Certified: Identity and Access Administrator (SC-300), CISSP, or similar.
Success in this Role
- Streamlined identity lifecycles with measurable improvements in provisioning efficiency and access compliance.
- Automated certificate management processes reducing human intervention and outages.
- Strengthened identity security posture aligned with Zero Trust principles.
We offer a comprehensive benefits package, including medical, dental, vision coverage, 401K match, short- and long-term disability coverage, health savings accounts, flexible spending accounts, and tuition reimbursement. We are also proud to offer specialized benefits like health care navigation, mental health services, fertility assistance, and paid parental leave as well as 120 hours of PTO and 11 Holidays each year.
Compensation Range: $105,500.00 - $196,500.00, plus bonus.
Other facts
About Chobani
Chobani is a next-generation food and beverage company on a mission to make nutritious food accessible to all. Since 2005, we have made food from natural ingredients, that tastes delicious and nourishes people. We’re proud to be America’s No. 1 yogurt brand – making yogurt without compromise – with all natural ingredients and no preservatives. Over the last 19 years we’ve continued to disrupt the dairy industry, adding oatmilk and creamers to our portfolio alongside yogurt. In 2023, La Colombe – a leading coffee roaster with a shared commitment to quality, craftsmanship and impact – became part of the Chobani family, adding coffee to our lineup and new opportunities to innovate.
From the beginning, we set out to be a different kind of company, believing how we make our product is just as important as what goes into it. As a business, we put our people first, providing competitive wages, benefits that enable health and wellness, opportunities for growth and development, a commitment to keeping our people safe and fostering an inclusive culture where everyone feels like they belong. People are truly our magic ingredient.
We also believe businesses can do well by doing good and are committed to giving back to the communities we call home. As a food company, we believe everyone should have access to good, nutritious food and are dedicated to fighting hunger and food insecurity. From volunteer initiatives to building infrastructure, and supporting organizations through our Community Impact Fund, we know that what matters most is the difference we make for others.
What you'll do
- The Senior IAM Engineer will design, implement, and operate identity and access management capabilities across Microsoft Entra ID and credential management systems. This includes managing secure SSO integrations, user provisioning workflows, and PKI infrastructure.
Ready to join Chobani?
Take the next step in your career journey