Elevate your career at Marotta Controls, a New Jersey Top Workplace three years running! Dedicated to innovation, quality and excellence, we deliver cutting edge control systems for the Aerospace & Defense industry. At Marotta, we value bold thinking and teamwork, and we empower our employees to push boundaries while delivering top-tier solutions to our customers. Our team fosters a fun, collaborative culture where creativity and technical excellence thrive! Your next big opportunity starts here. Be part of a company where your work supports a mission that makes a difference-apply today!
Active Directory & Identity and Access Management (IAM) Engineer
Essential Functions
The Active Directory & Identity and Access Management (IAM) Engineer is responsible for designing, implementing, and supporting identity solutions across a complex, multi-forest environment. This role is responsible for ensuring secure, scalable, and compliant identity services, with a strong focus on Microsoft Entra, Single Sign-On (SSO), and identity governance and administration tools such as ADManager. The ideal candidate will have deep technical expertise, strong troubleshooting skills, and a security-first mindset.
Minimum Required Qualifications
Bachelor's degree in Computer Science or equivalent
Must be a US Citizen
Technical solution design and planning experience
Basic understanding of the project management life cycle
5 to 7 years' hands-on experience administering Microsoft Active Directory in a multi-forest environment
Experience with Microsoft Entra (Azure AD) and hybrid identity architectures
Experience implementing and supporting Single Sign-On (SSO) technologies (SAML, OAuth, OpenID Connect, Kerberos, NTLM)
Experience implementing and administering MFA solutions, including Duo MFA
Experience with identity lifecycle management and access provisioning/deprovisioning
Experience implementing conditional access and identity security best practices
Strong PowerShell scripting skills for automation and administration
Strong knowledge of cybersecurity principles, including Zero Trust architecture, defense-in-depth, identity threat detection, and secure access design
Understanding of identity-related attack vectors (e.g., credential theft, privilege escalation, pass-the-hash) and mitigation strategies
Strong attention to detail
Good problem-solving skills with the ability to think creatively
Excellent written and verbal skills, including ability to clearly articulate technical issues and activities to technical and non-technical staff
Strong interpersonal skills and the ability to adapt in a complex and changing environment
Consistently meet expected production, accuracy and quality standards as set by management
Must be team oriented with the ability to work independently
Additional Desired Qualifications
Experience administering ADManager or similar identity governance/administration tools
Experience administering Microsoft 365 (user, license, and service administration)
Experience with Privileged Access Management (PAM/PIM) solutions
Experience integrating SaaS and enterprise applications with Microsoft Entra ID
Familiarity with NIST 800-171 and CMMC requirements as they relate to identity and access management
Experience supporting audits or compliance assessments (e.g., CMMC, NIST, ISO, SOC)
Experience with directory synchronization tools (e.g., Entra Connect / Azure AD Connect)
Relevant certifications (e.g., Microsoft Identity, Azure Security Engineer, CISSP, CMMC-related certifications)
Responsibilities
Design, implement, and maintain Active Directory (AD) infrastructure, including domains, forests, trusts, DNS, and Group
Manage user, group, and computer objects, OU structures, and delegation models
Monitor AD health, performance, and replication; troubleshoot complex directory issues
Implement and maintain AD security best practices and hardening standards
Administer and optimize Microsoft Entra (Azure AD), including hybrid identity integrations
Implement and support Single Sign-On (SSO) solutions for cloud and on-premises applications
Manage identity lifecycle processes (joiner, mover, leaver) using tools such as ADManager
Configure and maintain authentication methods including MFA, conditional access, and federation
Ensure secure access controls through role-based access control (RBAC) and least privilege principles
Support identity architectures and configurations aligned with NIST 800-171 and CMMC security controls
Monitor and troubleshoot identity-related issues across on-prem and cloud platforms
Collaborate with security, infrastructure, and application teams to integrate identity services
Assist with audits, compliance assessments, and evidence collection related to identity and access controls
Develop and maintain technical documentation, standards, and operational procedures
Participate in identity modernization initiatives and continuous improvement efforts
Work Environment:
This job interacts both in a professional office environment and a manufacturing/machine shop environment. This role uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines, as well as environments inclusive of the appropriate eye, hearing and foot protection (as required).
Night and weekend work could be required, as job duties demand.
No travel is expected for this position
Physical Requirements:
While performing the duties of this job, the employee is regularly required to see, talk, and hear
The employee is frequently required to reach and lift with hands and arms, and to use hands to finger, handle or feel
The employee is regularly required to sit, stand, walk, bend, turn, etc., and move about the facility
The employee may be required to lift, push, pull and/or move items weighing up to 25 pounds
This position is at our Parsippany, NJ corporate offices location.
Pay Range: $91,500 - $118,180
Many of our contracts require proof that you are a U.S. citizen and/or that an export license has been obtained for employees who are citizens of certain countries. Your employment, both initially and continually thereafter, is conditioned on production of such proof of citizenship and/or any export license that may be required to comply with any and all applicable laws, regulations, or executive orders, or required by Federal, State, or local government contracts.
At Marotta Controls, we are committed to a fair, performance-driven compensation approach that promotes consistency across all levels of our organization. We ensure that pay decisions are free from bias, based on objective criteria, and are regularly reviewed.
Your level and base salary will be determined on a case-by-case basis and may vary based on the following considerations: job-related knowledge and skills, experience, and internal consistency.
Additionally, we offer a highly competitive compensation package for this opportunity, including incentive compensation and a comprehensive suite of premium benefits. These include medical, prescription, dental, vision, life, and disability insurance, a 401(k) plan with company match, tuition assistance, paid vacation, sick and personal days, paid holidays, and flexible scheduling options such as compressed workweeks. We value and reward employee achievements and host multiple engagement events each quarter to foster a strong, supportive workplace culture.
If you are looking to grow or accelerate your career and be part of a best in class organization while enjoying a work-life balance, please visit our website at www.marotta.com to learn more about us and to apply. Check out all of our openings at https://marotta.com/job-openings/
VETERANS ARE ENCOURAGED TO APPLY
No agencies, please.
