Identity Management Consultant

Brief description of work expected to perform:

We are seeking a highly skilled and hands-on Identity & Access Management (IAM) Contractor to support our organization's migration from Okta to Microsoft Entra ID. This role will focus on modernizing our identity infrastructure, maximizing our investment in Microsoft's cloud identity platform, and helping transition services off legacy systems.

• Lead and support the migration of SAML/OIDC applications, authentication policies, and identity workflows from Okta to Microsoft Entra ID.
• Configure and optimize Conditional Access, Authentication Methods, Self-Service Password Reset (SSPR), and Multi-Factor Authentication (MFA) policies.
• Design and implement multi-tenant and B2C identity strategies.
• Support hybrid identity scenarios involving Active Directory (AD), Entra Connect, and cloud-first identity models.
• Set up and manage test tenants for validation, experimentation, and proof-of-concept work.
• Implement delegated administration and role-based access control (RBAC) in Entra and Microsoft 365, following least privilege principles.
• Assist with identity lifecycle management, including onboarding/offboarding processes and cleanup.
• Collaborate with internal teams to implement Identity Governance, including Access Reviews, Entitlement Management, and Access Packages.
• Document configurations, processes, and migration plans.
• Provide guidance on best practices for secure remote access, identity lifecycle management, and decommissioning legacy identity systems.

Top Skills (cannot live without) in order of importance.

(Please provide details on your recent experience with each of the skills listed below, including references, as well as the number of years of experience.)

• Strong hands-on experience with Microsoft Entra ID (formerly Azure AD), including Conditional Access, MFA, SSPR, Authentication Methods, and Identity Governance.* (Please do not submit candidates without this experience.)
• Proven experience with Okta and migrating identity services to Microsoft Entra. * (Please do not submit candidates without this experience.)
• Experience with test tenant setup and management for validation and experimentation.
• Familiarity with delegating permissions in Microsoft Entra and Microsoft 365 using least privilege access models.
• Practical experience with identity lifecycle management, including cleanup of stale or orphaned objects.
• Experience with hybrid identity environments, including AD, Entra Connect, and cloud-first identity models.
• Experience with multi-tenant and B2C identity configurations.
• Experience with PowerShell scripting for identity automation.
• Experience with Microsoft Graph API and Entra ID custom extensions.
• Strong Programming and Scripting experience(e.g. Java, Python, C#, Bash)

Highly Desired Skills:

• Microsoft certifications (e.g., SC-300, SC-100, AZ-500).
• Understanding of Zero Trust principles and secure access design.
• Ability to work independently and collaboratively in a fast-paced environment.
• Strong troubleshooting and problem-solving skills.
• Excellent communication and documentation skills.
• DevOps Experience
• AWS IAM, AWS Managed AD
• Experience with HR-as-Master
• Privileged Access Management (PAM)

List of Required Certifications

• CJIS Certification
• Identity and Access Administrator Associate (SC-300)

List of Desired Certifications

• Microsoft certifications (e.g., SC-100, AZ-500).