Job Description

Job Title: Identity and Access Management (IAMS) Solutions Architect
Location: 100% Remote
Duration: 12 Months
Pay Rate: $50-$80/hr on W2
Scope of Work / Key Responsibilities:
1. Identity and Access Management Architecture

• Lead DOM's migration from on-premises Active Directory to Microsoft Entra ID as the authoritative identity source.
• Architect and maintain Zero Trust-based authentication and authorization models aligned with CMS MARS-E (or ARC AMPE) requirements.
• Configure and manage SAML, OAuth, and OIDC integrations for enterprise and line-of-business applications.
• Implement enterprise application provisioning and SCIM-based integrations within Entra ID.
• Support Access Packages and Access Reviews to strengthen identity governance.

2. Lifecycle Automation and Integration

• Develop and maintain PowerShell scripts and Logic Apps to automate identity lifecycle operations (joiners, movers, leavers).
• Extend automation for Workday-Entra ID integration to enable seamless onboarding and offboarding workflows.
• Design and implement ServiceNow integration with Entra ID and Workday to achieve fully automated access provisioning and deprovisioning.
• Establish monitoring, exception handling, and logging for lifecycle workflows.

3. Device and Endpoint Management

• Align device management with Entra ID Conditional Access and security posture standards.

4. Governance, Risk, and Compliance

• Align all identity and access functions with HIPAA, MARS-E, and ARC-AMPE frameworks.
• Support policy creation and implementation for identity governance, external identity management, and guest access control.
• Advise on least-privilege access models, periodic entitlement reviews, and compliance documentation.
• Collaborate with DOM's Information Security and Compliance teams to ensure audit readiness.

5. Cloud Service Modernization and Technical Leadership

• Provide architectural direction for continued migration of email, file services, and endpoint management to Microsoft 365 / Azure.
• Configure and secure line-of-business applications to leverage Entra ID for both AuthN and AuthZ.
• Deliver technical workshops and architectural sessions to DOM staff to ensure skills transfer and sustainability.
• Maintain alignment with Microsoft's latest cloud identity and security best practices.

Required Skills:

• 10+ years of experience designing and implementing Microsoft identity and security solutions for enterprise or public sector clients.
• Proven ability to deliver and support large, complex migrations to O365 and Azure services.
• Strong scripting and automation background (PowerShell, Logic Apps, Graph API).
• Experience with Kusto Query Language (KQL).
• Deep expertise with Workday, ServiceNow, Entra ID, Intune, and identity governance frameworks.
• Demonstrated ability to engage effectively with both executive stakeholders and technical teams.
• Experience ensuring compliance with HIPAA, MARS-E (or ARC-AMPE) standards.
• Experience supporting GCC tenants.

Skills Required