Cybersecurity Identity and Access Engineer

Location:Grand Rapids, MI (On-site)

Are you passionate about cybersecurity and identity management? We're looking for a talentedIAM Engineerto lead the charge in designing and implementing cutting-edge identity and access management solutions that enhance security and user experience across our enterprise.

In this role, you'll spearhead transformative initiatives likepasswordless authentication,privileged access management,secure credential handling, andZero Trust architecture-making a real impact on our security posture. You'll be a key player in shaping our IAM strategy, ensuring it aligns with regulatory standards and supports our dynamic business needs.

Identity & Access Management Strategy

• Design and maintain IAM workflows for onboarding, offboarding, and access changes.

• Administer role-based access control (RBAC) and privileged access using PIM and JIT models.

• Implement and maintain PAM solutions to secure, monitor, and manage privileged accounts and credentials.

• Manage identity lifecycle for employees and vendors, including cloud-only accounts and Entra ID integrations.

Authentication & Access Control

• Lead the evaluation, design, and deployment of passwordless authentication technologies (e.g., FIDO2, biometrics, smart cards, device trust).

• Configure and support enterprise SSO platforms, Conditional Access policies, MAM, AppLocker, and ASR rules.

• Collaborate with stakeholders to ensure seamless integration of authentication solutions.

• Monitor authentication flows and optimize for security, usability, and compliance.

Credential & Web Access Security

• Oversee secure credential storage and rotation using Keeper.

• Manage Cloudflare Zero Trust configurations for identity-based access control and secure web traffic.

Compliance & Governance

• Ensure alignment with NIST 800-171 and other regulatory frameworks.

• Maintain documentation and audit readiness for authentication and access controls.

• Bachelor's degree in Computer Science, Information Security, or equivalent experience.

• Minimum of 5 years in cybersecurity engineering or related technical roles.

• Proven experience implementing passwordless authentication solutions in enterprise environments.

• Strong hands-on experience with Active Directory, Azure Entra ID, and IAM frameworks.

• Familiarity with Keeper, Cloudflare Zero Trust, and enterprise SSO platforms.

• Proficiency in PowerShell scripting and API integrations.

• Excellent analytical, problem-solving, and communication skills.

• Ability to work independently and collaboratively in a fast-paced, inclusive environment.

• Azure Security Engineer Associate certification, or equivalent.

• Experience with Microsoft Defender, Sentinel, and Purview.

• Background in threat detection, incident response, and playbook development.

Ready to make a difference in cybersecurity? Apply now and help us build a safer, smarter future.