×
Register Here to Apply for Jobs or Post Jobs. X
More jobs:

IAM​/Azure RBAC Engineer

Job in Pittsburgh, Allegheny County, Pennsylvania, 15201, USA
Listing for: Artech
Full Time position
Listed on 2026-07-01
Job specializations:
  • IT/Tech
    Cybersecurity
  • Engineering
    Cybersecurity
Job Description & How to Apply Below
Position: IAM / Azure RBAC Engineer

IAM / Azure RBAC Engineer

We are seeking a contractor IAM/RBAC Engineer with deep hands-on experience in Client Entra  (formerly Azure AD) and Azure Role-Based Access Control (RBAC). The engineer will design, implement, and administer access controls across Azure resources, enforce least-privilege principles, and support secure, auditable access for privileged and non-privileged users. This role focuses on practical, scalable identity solutions, strong authenticator management, and consistent access governance and monitoring.

RBAC Design and Administration

  • Define and maintain an enterprise role taxonomy across Azure resources.
  • Map permissions to roles and enforce least-privilege access via security groups and role assignments.
  • Prohibit broad, direct privilege assignments; document role-to-permission mappings and changes.

Remote and Privileged Access Governance

  • Implement Just-in-Time (JIT) workflows for elevated access with approvals and time-bound permissions.
  • Establish usage restrictions and configuration norms for VPN/jump hosts/privileged sessions.
  • Define and oversee emergency access ("break-glass") procedures, incident notification, and review.

Identification and Authentication

  • Configure multi-factor authentication (MFA) for privileged roles using strong authenticators (e.g., smart cards or security keys).
  • Provision Azure AD administrator roles for services such as SQL where applicable.
  • Enforce managed identities for applications (e.g., App Service, Function Apps) and centralize identity control to reduce reliance on local service keys.

Authenticator Protection and Secret Hygiene

  • Ensure authorized users safeguard issued authenticators.
  • Prevent unencrypted, embedded static credentials in code, images, and configurations; enforce password and memorized secret parameters per enterprise standards.

Access Governance and Documentation

  • Author and maintain policies, standards, and operating procedures for access controls.
  • Conduct periodic access reviews and support audit evidence collection.
  • Maintain inventories of assets/data and baseline configurations in alignment with enterprise configuration management practices.

Monitoring and Audit Readiness

  • Configure Azure-native monitoring and logging for identity and access events.
  • Route alerts to service owners/security teams and support audit readiness across access-related controls.
  • Validate use of emergency access through incident workflows and post-event review.

Required Technical Skills

  • Advanced knowledge of Client Entra  (Azure AD), Azure RBAC, security groups, privileged identity management (PIM), and JIT access workflows.
  • Hands-on experience with Azure Policy and resource configurations, including enabling managed identities, provisioning Azure AD admin roles for services, and minimizing local service key usage.
  • Familiarity with Azure monitoring and logging capabilities, AAA (authentication, authorization, accounting) concepts, and integration with approval workflow tools.
  • Strong understanding of least-privilege access design and practical application of access control best practices in Azure.
  • Competence in baseline configuration management and maintaining accurate asset/data inventories.

Qualifications and Competencies

  • Demonstrated experience implementing least-privilege design at scale and articulating the rationale for RBAC in Azure.
  • Ability to author and maintain IAM policies and procedures, perform access reviews, and support audit evidence and control test preparation.
  • Proven capability to implement and govern remote/elevated access, emergency access processes, and related incident handling.
  • Strong communication and documentation skills for technical writing and stakeholder coordination.
  • Ability to collaborate across engineering, security, and operations teams to drive consistent, compliant access practices.
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary