We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
#alert
Back to search results
Remote

Security Principal Technical Consultant - Identity and Access Management

AHEAD
vision insurance, paid time off, 401(k)
United States
Dec 13, 2024
AHEAD builds platforms for digital business. By weaving together advances in cloud infrastructure, automation and analytics, and software delivery, we help enterprises deliver on the promise of digital transformation.
At AHEAD, we prioritize creating a culture of belonging, where all perspectives and voices are represented, valued, respected, and heard. We create spaces to empower everyone to speak up, make change, and drive the culture at AHEAD.
We are an equal opportunity employer, and do not discriminate based on an individual's race, national origin, color, gender, gender identity, gender expression, sexual orientation, religion, age, disability, marital status, or any other protected characteristic under applicable law, whether actual or perceived.
We embrace all candidates that will contribute to the diversification and enrichment of ideas and perspectives at AHEAD.
Principal Consultants are seasoned experts in information security and/or information security governance or compliance. Successful candidates support the Security and Compliance Practice in Delivery, Business Development, and Practice Development activities.
Principal Consultants collaborate with a diverse team of consultants with varying skills to meet and exceed client expectations through scoped engagements. They effectively facilitate and lead client engagements onsite or remotely by guiding engagements toward scoped objectives and troubleshooting to effectively resolve project risks or issues. Principal Consultants effectively lead client delivery engagements by executing the necessary project tasks, producing expected collateral, and presenting artifacts at any time throughout an engagement, while acting in a leadership capacity to the project team(s).
Principal Consultants also support business development activities alongside a sales specialist to qualify client needs and expectations or demonstrate a capability or skillset. They may be directly engaged in client-facing interactions to identify client needs and to produce and/or present sales proposals, leading client-visioning, or discovery sessions. Principal Consultants may also collaborate with other AHEAD Practice areas to identify complex, cross-practice solution sets to achieve a client's desired state or outcome.
Lastly, AHEAD Principal Consultants also leverage their visibility and experience to contribute to the continuous improvement and maturation of in-practice service offerings and capabilities by proposing ideas for change and executing on ideas that are committed. This includes positively impacting our service portfolio and individuals on the team through thought leadership and mentorship. Principal Consultants require approval from management prior to making any significant change to a given service offering or capability.

Responsibilities
  • Lead the implementation and management of identity solutions using the Okta platform and Microsoft Entra ID.
  • Architect, design, and implement large-scale Active Directory and Entra ID deployments, migrations, and upgrades.
  • Conduct analysis and make recommendations for improving clients' Microsoft Entra ID and Active Directory environments.
  • Troubleshoot access management infrastructure issues and provide advanced technical support and training to end-users.
  • Develop IAM policies, procedures, and documentation.
  • Perform technical health checks for AD/Entra ID platforms and environments.
  • Assist clients with transitions to Microsoft Entra ID services, tenant setup, and service configuration.
  • Perform access reviews and audits to ensure compliance with security policies and regulatory requirements.
  • Assist clients with Azure B2B, B2C including SAML, OAUTH, OpenID Connect protocols.
  • Assist clients with cleaning up Active Directory environments and preparing for Azure AD/O365 migration/integration and OKTA.
  • Create domain consolidation and migration activities plans for clients.
  • Prepare Active Directory DR plans and perform regular DR trial runs.
  • Provide clients with configuration and delivery of Entra ID and AD security and compliance reports.
Requirements
  • 3-5 years of experience in identity and access management including OKTA and Microsoft
  • In-depth knowledge of IAM principles, SSO, MFA, directory services, and cloud identity management.
  • Proven track record of managing complex user provisioning and de-provisioning scenarios.
  • Familiarity with IT security standards and compliance frameworks (e.g., SOX, HIPAA, GDPR).
  • Experience with identity and access management concepts and platforms, especially Okta.
  • Proficiency in RESTful APIs, SQL, and scripting languages.
  • Ability to mentor and lead team members effectively.
  • Knowledge of Microsoft best practices for GPO policies and domain hardening.
  • Excellent analytical, problem-solving, and project management skills.
The compensation range indicated in this posting reflects the On-Target Earnings ("OTE") for this role, which includes a base salary and any applicable target bonus amount. This OTE range may vary based on the candidate's relevant experience, qualifications, and geographic location.
Why AHEAD:
Through our daily work and internal groups like Moving Women AHEAD and RISE AHEAD, we value and benefit from diversity of people, ideas, experience, and everything in between.
We fuel growth by stacking our office with top-notch technologies in a multi-million-dollar lab, by encouraging cross department training and development, sponsoring certifications and credentials for continued learning.
USA Employment Benefits include:
- Medical, Dental, and Vision Insurance
- 401(k)
- Paid company holidays
- Paid time off
- Paid parental and caregiver leave
- Plus more! See benefits https://www.aheadbenefits.com/ for additional details.
Applied = 0

(web-86f5d9bb6b-f242k)