Job Summary:
The Senior IAM Engineer is a hands-on technical role focused on the implementation, integration, and operation of enterprise identity solutions. This role is responsible for delivering and supporting Microsoft Entra ID services, including the migration of existing identity platforms and applications to modern authentication models. Working closely with IAM Architecture and Security teams the engineer executes identity initiatives across cloud and on-premise environments, builds and maintains authentication and provisioning integrations while ensuring secure, reliable identity services that support the organization’s operation and security objectives.
This is an on-site position located in Springfield, MO- remote work is not an option for this role.
Responsibilities and Duties:
- Execute identity platform initiatives including migrations from legacy identity providers to Entra ID.
- Configure and maintain cross-tenant identity scenarios including Multi-Tenant collaboration, B2B, and External ID
- Implement and support IAM solutions aligned with defined enterprise architecture, focusing on Microsoft Entra ID and hybrid identity environments.
- Configure and maintain core Entra ID capabilities: SSO, MFA, Conditional Access, Passwordless authentication, B2B access, Identity protection policies and risk-based controls.
- Integrate applications using modern authentication protocols: OIDC, OAuth2, SAML
- Configure and Manage: Enterprise Applications, App Registrations, API permissions and consent.
- Implement and maintain identity provisioning solutions using: SCIM, API-Based Provisioning, Event-Drive or Scheduled workflows.
- Support and enhance identity lifecycle processes: Joiner / Mover / Leaver, Access Requests and Approvals, Role and Group-Based access assignment
- Develop Automation and Integration solutions using Powershell, Microsoft Graph API, and Logic Apps or equivalent tooling.
- Build reusable scripts and processes to standardize IAM operations.
- Support adoption of managed identities and service principals for application and workload authentication.
- Implement and support identity security controls aligned with organizational and regulatory requirements.
- Diagnose and resolve issues related to authentication failures, provisioning errors, directory synchronization issues, access and authorization problems.
- Provide technical input and feedback to improve IAM implementations and operational processes.
- Provide hands-on technical mentorship and implementation guidance where appropriate at all levels.
Core Identity and Directory Services
- Core Services (user/group/device)
- Federated Identities
- Custom attributes and schema extensions
- Dynamic Groups
- Directory role strategies for enterprise delegation
Authentication and Access Control
- SSO
- Conditional Access
- Passwordless Authentication
- B2B
Identity Protection and Risk
- User Risk Detection
- Sign-in Risk Detection
- Using Risk with Conditional Access
- Risk Remediation Policies
- Supporting SIEM/SOAR integration
- Logs and Forensics
Identity Governance and Administration
- Access Reviews
- Access Request Workflows
- Time-Bound Access
- Identity and Access Lifecycle (Mover/Joiner/Leaver)
- Augmentation with Logic Apps and other automation technologies.
Application Access and SSO
- OIDC, OAuth2, SAML
- Enterprise Applications
- Application Registrations
- API permissions and consent
- Application Proxy
- Token Configuration and Claims Refinement
Provisioning and Lifecycle
- Guest Users
- Cross Tenant access
- External IDs
Skills:
Required:
- Experience with enterprise scale identity migrations
- Familiarity with Okta, Active Directory, Open LDAP or other like identity providers.Active Directory experience is required.
- Deep knowledge of modern authentication protocols including but not limited to OIDC/OAuth2, SAML, WSFED, etc.
- Familiarity with modern authorization, session, and token handling patterns including but not limited to claims-based authorization, back-channel logout, token introspection, token refinement, etc.
- Strong knowledge of Entra ID specifically including but not limited to the features listed below:
Preferred:
- Retail Industry Experience with a strong understanding of store operations, merchandising, and omnichannel commerce.
- Auto Parts Industry Knowledge, including familiarity with aftermarket supply chains, inventory management, and distribution networks.
- Familiarity with Master Data Management (MDM) principles, architectures, and implementations.
- Experience with international, multi-lingual product catalog solutions and localization strategies.
- Experience with retail POS solutions and Commerce CMS platforms.
- Experience with Warehouse Automation & Material Handling Solutions
O’Reilly Auto Parts has a proven track record of growth and stability. O’Reilly is full of successful career stories and believes in a strong promote-from-within philosophy, encouraging you to grow your career along with the organization.
Total Compensation Package:
Competitive Wages & Paid Time Off
Stock Purchase Plan & 401k with Employer Contributions Starting Day One
Medical, Dental, & Vision Insurance with Optional Flexible Spending Account (FSA)
Team Member Health/Wellbeing Programs
Tuition Educational Assistance Programs
Opportunities for Career Growth
O’Reilly Auto Parts is an equal opportunity employer. The Company does not discriminate on the basis of race, religion, color, national origin or ancestry (including immigration status or citizenship), sex, sexual orientation, gender identity, pregnancy (including childbirth, lactation, and related medical conditions,) age (40 and over), veteran status, uniformed service member status, physical or mental disability, genetic information (including testing or characteristics) or another protected status as defined by local, state, or federal law, as applicable.
Qualified individuals with a disability may be entitled to reasonable accommodation under the Americans with Disabilities Act. If you require a reasonable accommodation during the application or employment process, please send an email to: rar@oreillyauto.com or call (800) 471-7431 option , and provide your requested accommodation, and position details.