
System Administrator, Identity & Access Management
Posted 1 hour ago

Posted 1 hour ago
This is a fully remote position, open to applicants in United States.
• Act as the operational leader for our identity platform and access governance initiative, ensuring clarity on "who — and what — has access to what".
• Oversee the complete identity lifecycle, which includes automated provisioning and deprovisioning, as well as the prompt revocation of access.
• Manage external identities: Entra External ID / B2B guest access, cross-tenant collaboration, access packages, and regular guest access reviews.
• Supervise non-human identities: service principals, managed identities, workload identities, and service accounts, including credential rotation, secret/certificate lifecycle management, and federated credentials.
• Administer the ID platform, including conditional access policies, new program implementations, identity protection, risk-based access controls, and Privileged Identity Management (PIM).
• Design and manage SSO and SCIM provisioning integrations across the portfolio of SaaS applications.
• Lead periodic access evaluations and recertification initiatives; uphold least-privilege and role-based access control (RBAC) models across M365, Azure, and SaaS platforms.
• Oversee privileged access management, including break-glass accounts, admin role assignments, just-in-time (JIT) elevation, and separation of duties.
• Develop and implement governance for external collaboration: determining which tenants can collaborate with Dianthus, what data can be shared, how guest accounts are sponsored, and the process for their decommissioning.
• Assist with IAM audit and compliance evidence collection.
• Collaborate with the cyber team to respond to identity-related security incidents.
• A minimum of 4 years of practical systems administration experience, with at least 2 years focused on IAM responsibilities.
• Robust understanding of IAM principles, including identity lifecycle, RBAC, least privilege, separation of duties, access certification, and privileged access management.
• Experience managing B2B / guest identities and controls for external collaboration.
• Familiarity with non-human identity management, including service principals, managed identities, workload identity federation, and secret/certificate rotation.
• Proven experience in designing and implementing SSO and SCIM provisioning integrations for SaaS applications.
• Proficient with low-code automation platforms for workflow and integration automation.
• Demonstrated ability to provide technical support to end-users, coupled with strong customer service orientation and communication skills.
• Excellent troubleshooting skills and a security-conscious, service-oriented approach.
• Experience in a regulated industry is preferred (biotech, pharma, healthcare, finance) with familiarity with IAM audit controls.
• Knowledge of GxP / 21 CFR Part 11 requirements for identity and access controls is a plus.
• Experience with implementing or managing an Identity Governance & Administration (IGA) solution is preferred.
• Familiarity with secrets management platforms and their integration into application workflows is advantageous.
• Microsoft certifications: SC-300 (Identity and Access Administrator) are strongly preferred; MS-102, MD-102, or AZ-104 are also acceptable.
• We are pioneering potentially best-in-class therapies for patients suffering from severe autoimmune diseases.
• A culture centered around our core principles, aimed at enhancing the quality of care for our patients.
• Flexibility for remote work is offered.
Basecamp Consulting and Solutions LLC
Dembach Goo Informatik GmbH & Co. KG
The Leaflet
Information Technology Strategies, Inc
Get handpicked remote jobs straight to your inbox weekly.