Microsoft Identity and Access Management Engineer

Build a career powered by innovations that matter!  At Novanta, our innovations power technology products that are transforming healthcare and advanced manufacturing—improving productivity, enhancing people’s lives and redefining what’s possible.  We create for our global customers engineered components and sub-systems that deliver extreme precision and performance for a range of mission-critical applications—from minimally invasive surgery to robotics to 3D metal printing.

Novanta is one global team with over 26 offices located in The Americas, Europe and Asia-Pacific.  Looking for a great place to work?  You have found it with a culture that embraces teamwork, collaboration and empowerment.  Come explore Novanta.

Position Overview

Novanta is seeking a skilled Microsoft Identity and Access Management (IAM) Engineer to join our Information Technology team. This mid-level role is responsible for designing, implementing, and maintaining identity and access management solutions across the organization’s Microsoft ecosystem. The ideal candidate brings 3–5 years of hands-on experience with Microsoft IAM technologies, a strong security mindset, and a passion for enabling secure, seamless access across a modern enterprise environment.

Position Details:

Job Title:  Microsoft Identity and Access Management Engineer

Department:  Information Technology

Location:  United States (Remote)

Employment Type:  Full-Time

Experience Level:  Mid-Level (3–5 years)

Reports To:  VP of IT

Key Responsibilities:

• Design, implement, and maintain Microsoft Azure Active Directory (Azure AD / Entra ID) environments in hybrid and cloud-native configurations.
• Manage user lifecycle processes including provisioning, de-provisioning, and role-based access control (RBAC) assignments.
• Configure and maintain Conditional Access policies, Multi-Factor Authentication (MFA), and Single Sign-On (SSO) solutions.
• Administer Microsoft Privileged Identity Management (PIM) and Privileged Access Management (PAM) solutions to enforce least-privilege principles.
• Integrate SaaS applications and on-premises systems with Azure AD using SAML, OAuth 2.0, and OpenID Connect protocols.
• Monitor identity infrastructure for threats, anomalies, and compliance gaps using Microsoft Defender for Identity and Microsoft Sentinel.
• Support and manage on-premises Active Directory environments, Group Policy, and hybrid identity configurations (Azure AD Connect / Entra Connect).
• Collaborate with security, compliance, and application teams to ensure IAM policies meet regulatory requirements including SOX, HIPAA, and GDPR.
• Develop and maintain documentation, runbooks, and standard operating procedures for IAM systems and processes.
• Troubleshoot identity-related incidents, service requests, and access issues in a timely and structured manner.
• Participate in IAM roadmap planning, architecture reviews, and continuous improvement initiatives.

Required Qualifications:

• 3–5 years of experience in identity and access management, with a strong focus on Microsoft technologies.
• Hands-on expertise with Azure Active Directory / Microsoft Entra ID, including tenant management and identity governance.
• Proficiency in managing on-premises Active Directory and hybrid identity environments.
• Experience designing and implementing SSO integrations using SAML, OAuth 2.0, and OpenID Connect.
• Familiarity with Microsoft Privileged Identity Management (PIM) and Conditional Access policy configuration.
• Practical knowledge of MFA solutions, including Microsoft Authenticator and FIDO2 security keys.
• Experience with PowerShell scripting for IAM automation, reporting, and administration tasks.
• Solid understanding of Zero Trust security principles and their practical application to identity and access management.
• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or equivalent professional experience.

Preferred Qualifications:

• Microsoft certifications such as SC-300 (Microsoft Identity and Access Administrator Associate), AZ-500, or MS-500.
• Experience with Microsoft Entra Verified ID, Entitlement Management, or Identity Governance features.
• Familiarity with third-party PAM or IGA tools such as CyberArk, SailPoint, or Saviynt.
• Experience with SIEM platforms, particularly Microsoft Sentinel, for identity threat detection and response.
• Knowledge of compliance frameworks including SOX, HIPAA, NIST Cybersecurity Framework, and ISO 27001.
• Exposure to DevSecOps practices and integration of IAM controls into CI/CD pipelines.

Salary:

• Competitive base salary commensurate with experience, plus annual performance bonus.
• The salary for this role will range from 101,100 USD to 161,800 USD annual based on full-time employment. Salary offers are based on a wide range of factors including but not limited to location, relevant skills, training, experience, education, etc.
• Certain roles may be eligible for performance-based incentive compensation and/or long-term incentives. Incentives could be discretionary or non-discretionary depending on the plan.
• Novanta supports all aspects of your life’s needs. This position provides a full range of medical, financial, and other benefits to make your quality of life better

Comprehensive health benefits including medical, dental, and vision insurance.

401(k) retirement plan with company match.

Generous paid time off, company holidays, and flexible scheduling.

Remote or hybrid work flexibility based on role and team needs.

Ongoing professional development support, including funding for certifications and training.

Collaborative, inclusive culture driven by innovation and continuous improvement.

The opportunity to work with cutting-edge technology at a global precision medicine and motion company.

About Novanta:

Novanta is a trusted technology partner to medical and advanced industrial original equipment manufacturers (OEMs). We design and manufacture proprietary components and subsystems that are deeply embedded in the products our customers bring to market. Our technologies enable our customers to improve productivity, enhance quality, and advance patient outcomes. Headquartered in Bedford, Massachusetts, Novanta operates globally with a team of over 3,000 employees across North America, Europe, and Asia.

Novanta is proud to be an equal employment opportunity and affirmative action workplace. We consider all qualified applicants without regard to race, color, religion, sex (including pregnancy), sexual orientation, gender identity or expression, national origin, military and veteran status, disability, genetics, or any other category protected by federal law or Novanta policy.

Please call +1 781-266-5700 if you need a disability accommodation for any part of the employment process.