-
Identity & Access Management Contractor
- CAI (Washington, DC)
-
Identity & Access Management Contractor
Req number:
R6148
Employment type:
Full time
Worksite flexibility:
Remote
Who we are
CAI is a global technology services firm with over 8,500 associates worldwide and a yearly revenue of $1 billion+. We have over 40 years of excellence in uniting talent and technology to power the possible for our clients, colleagues, and communities. As a privately held company, we have the freedom and focus to do what is right—whatever it takes. Our tailor-made solutions create lasting results across the public and commercial sectors, and we are trailblazers in bringing neurodiversity to the enterprise.
Job Summary
We are looking for a motivated Identity & Access Management (IAM) Contractor ready to take us to the next level! If you have strong hands-on experience with Microsoft Entra ID (formerly Azure AD), including Conditional Access, MFA, SSPR, Authentication Methods, and Identity Governance and are looking for your next career move, apply now.
Job Description
We are looking for an **Identity & Access Management (IAM) Contractor** to support our organization's migration from Okta to Microsoft Entra ID. This position will be **full-time** and **remote.**
What You'll Do
+ Lead and support the migration of SAML/OIDC applications, authentication policies, and identity workflows from Okta to Microsoft Entra ID.
+ Configure and optimize Conditional Access, Authentication Methods, Self-Service Password Reset (SSPR), and Multi-Factor Authentication (MFA) policies.
+ Design and implement multi-tenant and B2C identity strategies.
+ Support hybrid identity scenarios involving Active Directory (AD), Entra Connect, and cloud-first identity models.
+ Set up and manage test tenants for validation, experimentation, and proof-of-concept work.
+ Implement delegated administration and role-based access control (RBAC) in Entra and Microsoft 365, following least privilege principles.
+ Assist with identity lifecycle management, including onboarding/offboarding processes and cleanup.
+ Collaborate with internal teams to implement Identity Governance, including Access Reviews, Entitlement Management, and Access Packages.
+ Document configurations, processes, and migration plans.
+ Provide guidance on best practices for secure remote access, identity lifecycle management, and decommissioning legacy identity systems.
What You'll Need
Required:
+ Strong hands-on experience with Microsoft Entra ID (formerly Azure AD), including Conditional Access, MFA, SSPR, Authentication Methods, and Identity Governance
+ Proven experience with Okta and migrating identity services to Microsoft Entra
+ Experience with test tenant setup and management for validation and experimentation
+ Familiarity with delegating permissions in Microsoft Entra and Microsoft 365 using least privilege access models
+ Practical experience with identity lifecycle management, including cleanup of stale or orphaned objects
+ Experience with hybrid identity environments, including AD, Entra Connect, and cloud-first identity models
+ Experience with multi-tenant and B2C identity configurations
+ Experience with PowerShell scripting for identity automation
+ Experience with Microsoft Graph API and Entra ID custom extensions
+ Strong Programming and Scripting experience(e.g. Java, Python, C#, Bash)
+ CJIS Certification (must be obtained prior to or during onboarding)
+ Identity and Access Administrator Associate (SC-300)
Preferred:
+ Microsoft certifications (e.g., SC-300, SC-100, AZ-500)
+ Understanding of Zero Trust principles and secure access design
+ Ability to work independently and collaboratively in a fast-paced environment
+ Strong troubleshooting and problem-solving skills
+ Excellent communication and documentation skills
+ DevOps Experience
+ AWS IAM, AWS Managed AD
+ Experience with HR-as-Master
+ Privileged Access Management (PAM)
Physical Demands
+ Ability to safely and successfully perform the essential job functions consistent with the ADA and other federal, state, and local standards
+ Sedentary work that involves sitting or remaining stationary most of the time with occasional need to move around the office to attend meetings, etc.
+ Ability to conduct repetitive tasks on a computer, utilizing a mouse, keyboard, and monitor.
The pay range for this position is $55 - $63 per hour (USD). Exact compensation may vary based on several factors, including location, experience, and education. Benefit packages for this role includes medical, dental, and vision insurance, as well as 401k retirement account access. Employees in this role may also be entitled to paid sick leave as provided by applicable law.
Reasonable accommodation statement
If you require a reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employment selection process, please direct your inquiries to [email protected] or (888) 824 – 8111.
The pay range for this position is listed above. Exact compensation may vary based on several factors, including location, experience, and education. Benefit packages include medical, dental, and vision insurance, as well as 401k retirement account access. Employees in this role receive paid time off and may also be entitled to paid sick leave and/or other paid time off as provided by applicable law.
-
Recent Jobs
-
Identity & Access Management Contractor
- CAI (Washington, DC)
-
Custodian Lead
- State of Colorado (Denver, CO)
-
Senior Area Sales Manager - Builder Channel (Tampa, FL)
- GE Appliances, a Haier company (Tampa, FL)
-
Business Development Senior Director, Global Occupier Accounts
- CBRE (Nashville, TN)