TITLE:
Senior Enterprise Services & Identity Engineer
POSITION TYPE:
Full Time – W2 Employee (6-month contract, transition into direct hire)
LOCATION:
Hybrid (Dallas, TX)
OVERVIEW:
The Senior Enterprise Services & Identity Engineer is a key technical leader responsible for designing, implementing, and governing identity, authentication, and access-control capabilities across the enterprise. This role owns the full identity lifecycle and ensures secure, scalable, and reliable identity services that support business operations, compliance requirements, and security objectives. The engineer partners closely with Security, Legal, Infrastructure, and Vendor teams to deliver a mature and evolving identity ecosystem.
DUTIES:
Own identity lifecycle, authentication, and access control across the enterprise
Own and optimize the full identity lifecycle (joiner / mover / leaver) processes
Manage enterprise authentication systems, including MFA and conditional access
Define, implement, and maintain role-based access control (RBAC) models
Administer privileged access management (PIM), ensuring least-privilege operations
Govern and maintain service accounts and non-human identities
Lead design, configuration, and maintenance of federation and SSO integrations
Manage and enforce tenant-level security controls and configuration standards
Coordinate feature rollout management for identity-related services
Partner with Security and Legal teams to ensure identity alignment with data governance policies
Implement and improve license-assignment automation
Drive SKU optimization strategies (E3 vs. E5, workload mapping, cost efficiency)
Manage true-up / true-down cycles for licensing accuracy and financial stewardship
Develop usage analytics and reporting to inform decisions and measure effectiveness
Serve as primary liaison for Microsoft and reseller coordination
Provide technical leadership and mentorship within the IAM domain
QUALIFICATIONS:
7+ years of experience in Identity & Access Management or Enterprise Services engineering
Expertise with Azure AD / Entra ID, Conditional Access, MFA, SSO, and federation technologies
Strong understanding of RBAC, PIM, and identity lifecycle processes
Experience automating licensing, access workflows, and identity provisioning
Deep knowledge of Microsoft 365 tenants, licensing models, and security configurations
PREFERRED QUALIFICATIONS:
PowerShell automation expertise
Background working with Security, Audit, or Compliance teams
Experience in large, complex, or regulated environments