Senior Active Directory / IAM Engineer - Remote

Join the transformative team at City of Hope, where we're changing lives and making a real difference in the fight against cancer, diabetes, and other life-threatening illnesses. City of Hope’s growing national system includes its Los Angeles campus, a network of clinical care locations across Southern California, a new cancer center in Orange County, California, and treatment facilities in Atlanta, Chicago and Phoenix. our dedicated and compassionate employees are driven by a common mission: To deliver the cures of tomorrow to the people who need them today. 

** This is a Fully Remote Opportunity within the United States**

As a successful candidate, you will:

City of Hope is seeking an experienced and strategic-minded Senior Identity and Access Management / Active Director Engineer to join our Information Technology team. This individual will lead the design, implementation, and ongoing management of our hybrid identity infrastructure—including on-premises Active Directory and Entra ID (formerly Azure AD)—to ensure secure, efficient, and scalable access to enterprise systems.

The Senior IAM / Active Directory Engineer will collaborate with cross-functional teams and regularly present technical strategies, risks, and performance metrics to executive leadership. This position plays a critical role in advancing City of Hope’s security posture through innovation, standardization, and continuous improvement in identity and access management practices.

IAM Solution Design and Implementation:

• Design, implement, and maintain IAM solutions to manage user identities, access privileges, and authentication mechanisms.
• Collaborate with stakeholders to gather requirements and ensure that IAM solutions align with business needs.

System Integration and Optimization:

• Integrate IAM solutions with existing systems, applications, and directory services.
• Optimize IAM workflows and processes to enhance efficiency and user experience.

Access Control and Authorization:

• Implement and manage role-based access controls (RBAC) to ensure that users have appropriate access permissions.
• Conduct regular access reviews and audits to maintain a secure access environment.

Authentication and Federation:

• Evaluate, implement, and manage authentication mechanisms, including multi-factor authentication (MFA).
• Implement and maintain identity federation solutions for seamless and secure access across systems.

Incident Response and Troubleshooting:

• Participate in incident response activities related to IAM, investigating and resolving security incidents.
• Troubleshoot and resolve IAM-related issues in a timely manner.

• Lead the administration, maintenance, and optimization of Microsoft Active Directory, including Group Policy Objects (GPOs), OU structures, trusts, and replication.
• Design, implement, and manage hybrid identity solutions between on-prem Active Directory and Entra ID (Azure AD).
• Maintain and enhance identity lifecycle processes (provisioning, deprovisioning, role-based access control) for both cloud and on-prem environments.
• Manage synchronization and federation services such as Azure AD Connect, ADFS, or Entra Connect Cloud Sync.
• Enforce identity governance policies including conditional access, MFA, and privileged access management in Entra ID.
• Monitor and troubleshoot authentication and authorization issues across Active Directory and Entra services.
• Develop and maintain automation scripts (e.g., PowerShell) to support IAM tasks and improve operational efficiency.
• Support audits and ensure compliance with security standards such as NIST, HIPAA, or ISO 27001 by maintaining clean identity records and access logs.
• Partner with cybersecurity, infrastructure, and application teams to integrate IAM services with enterprise platforms.

Your qualifications should include: 

• Bachelor’s degree in related field; 4 additional years of experience plus the minimum experience requirement may substitute for minimum education
• Seven or more years in a technology related field, with a minimum of 5 years in Identity and Access Management specific experience.  Hospital/healthcare industry experience is desirable, but not required.
• Working knowledge of Information Security tools, practices, policies and processes in a multi-vendor environment with an emphasis on risk analysis, risk assessment and risk management.
• Management/Computer Information Systems (MIS/CIS), Computer/Electrical Engineering, Computer Science or related field

City of Hope employees pay is based on the following criteria: work experience, qualifications, and work location.

City of Hope is an equal opportunity employer.  To learn more about our commitment to diversity, equity, and inclusion, please click here.

To learn more about our Comprehensive Benefits, please CLICK HERE.