Senior Identity and Access Engineer

Morgan, Lewis & Bockius LLP, one of the world’s leading global law firms with offices in strategic hubs of commerce, law, and government across North America, Asia, Europe, and the Middle East, is seeking to hire a Sr. Identity and Access Engineer. Reporting to the Manager of Identity and Access Management, the Sr. Identity and Access Engineer provides mentoring to fellow engineers and contributes great things to the team with respect to knowledge transfer and advanced knowledge of Identity Access Management (IAM) engineering fundamentals. This position will reside in our Philadelphia office with a hybrid in-office/remote working schedule. Responsibilities: Respond to strategies provided by the Architecture and Engineering team and its management for implementation and oversight and will be called upon to resolve the highest-level technical issues. In addition, this person will partner with applicable teams to ensure secure, scalable, and compliant identity services. Develop innovative IAM strategies and take ownership of these through all phases. Deliver enterprise-wide IAM, identity governance, and authentication solutions in a hybrid cloud capacity. Design and implement lifecycle management automation for joiner, mover and leaver scenarios. Implement role-based access control (RBAC) and apply the concept of least-privilege. Provide programmatic solutions to include PowerShell, JSON, SQL, LDAP, and object-oriented languages for IAM systems. Collaborate with other IAM team members on system design, architecture, and strategies to provide high levels of customer satisfaction. Integrate enterprise applications for SSO and set up provisioning/offboarding. Lead key meetings including technical, cross-functional, and stakeholder meetings. Ensure Enterprise services and servers remain operational and monitor Active Directory, EntraID, and IAM services. Provide after-hours support as needed to address incidents, system maintenance. Create and maintain architecture and documentation for IAM systems. Represents the team during the audit and ISO 27001 certification process. Participate in on-call support rotation. Education and experience: A bachelor's degree from a four-year college or university. 5 years of hands-on experience in Identity and Access Management / Identity Governance engineering roles. 5 years of experience with Cloud technologies (Azure, AWS, GCE) in a hybrid/multi-cloud identity environment. Solid understanding of identity federation protocols (SAML, OAuth, OpenID Connect) and access governance concepts. Problem-solving and analytical skills; ability to handle complex, time-sensitive incidents. Excellent communication skills and ability to collaborate across technical and non-technical stakeholders. Technical requirements: Expertise in MS Active Directory (design, administration, Group Policy, replication, trusts, privileged access). Proficiency with MS Entra ID (conditional access, PIM, hybrid identity, SSO/MFA, entitlement managem