Job Description
Job Description
Role: IAM architect/Consultant
Location: : Work location & Remote 2 Metrotech Center 4 th FL & Remote (2 days in office/3 days remote)
Experience: 12+ Years
Visa : H1B/USC/GC
Interview : Virtual
The NYC Office of Technology and Innovation has been tasked with recruiting a Specialist 3, IAM CONSULTANT. The Citywide Identity and PKI Modernization project at OTI. Infrastructure Resilience is undertaking a major transformation of its Identity Access Management ecosystem by consolidating disparate directories and modernizing Citywide PKI to align with industry best practices and regulatory demands.
SCOPE OF SERVICES:
• Assess and develop a roadmap for OTI’s disparate directories consolidation
• Provide guidance and implementation support for integration with Entra and other IAM security enhancements
• Architect and implement Citywide-level PKI modernization, including infrastructure changes for reduced certificate lifespans
• Advice on governance, compliance, lifecycle management and automation of digital certificates
• Lead migration planning, risk assessment, and mitigation for directories and PKI modernization
• Perform technical knowledge transfer, upskilling internal teams on new infrastructure and practices TASKS:
• PKI Architecture, Engineering and Administrator – 40%
• Entra ID Architecture, Engineering and Administrator – 30%
• Directory Architecture, Engineering and Administrator – 20%
• IAM Level 3 Technical Support – 10%
MANDATORY SKILLS/EXPERIENCE Note: Candidates who do not have the mandatory skills will not be considered.
• 12 years in IAM architect, engineering, administration and operations with focus on directory services and PKI
• Deep expertise in Active Directory (on-prem and hybrid), Entra ID, and eDirectory
• Hands-on experience in designing and operating Microsoft PKI, including certificate authority management, certificate lifecycle, and automation
• Solid understanding of modern authentication/authorization protocols (OAuth, SAML, Kerberos, etc.)
• Experience with security roadmap development, risk assessment, and compliance (NIST, ISO, SOX or PCI-DSS)
• Strong documentation, communication, and stakeholder management skill
DESIRABLE SKILLS/EXPERIENCE:
• Experience with cloud PKI services
• Familiarity with Entra ID Governance, Conditional Access Policy, and modern security controls
• Experience automating PKI workflows (API/script-based certificate management)
• Multi-forest, multi-tenant IAM architecture expertise
• Prior experience working with NYC agency
• Working knowledge of enterprise ITSM, change management, and project management methodologies SPECIAL REQUIREMENTS: N/A
• Ability to work cross-functionality with technical and business stakeholders in a complex enterprise
• Availability to provide after-hours support to critical migrations and incident response
Regards,Venkatesh Kulkarni | Sr. Lead Recruiter,venkatesh.kulkarni@centstone.com / 332-213- 5797venkatesh kulkarni | LinkedIn CENTSTONE SERVICES LLC
Address: 3400 State Route 35, Suite 9B, Hazlet, New Jersey, 07730 USA