Identity and Access Management Engineer II

At Insmed, every moment and every patient counts — and so does every person who joins in. As a global biopharmaceutical company dedicated to transforming the lives of patients with serious and rare diseases, you’ll be part of a community that prioritizes the human experience, celebrates curiosity, and values every person’s contributions to meaningful progress. That commitment has earned us recognition as Science magazine’s No. 1 Top Employer for five consecutive years, certification as a Great Place to Work® in the U.S., and a place on The Sunday Times Best Places to Work list in the UK. For patients, for each other, and for the future of science, we’re in. Are you? About the Role: The Identity and Access Management (IAM) Engineer II will be responsible for the implementation, administration, and continuous improvement of Insmed’s enterprise identity services across Active Directory, Microsoft Entra ID, and federated multi-cloud and SaaS platforms. This role ensures identity systems operate in a secure, resilient, compliant, and audit-ready state while enabling modern authentication, automated lifecycle management, and least-privilege access. The position partners closely with Cybersecurity, Infrastructure & Operations, Enterprise Applications, Computer System Validation (CSV), and Quality Assurance (QA) teams to maintain a validated identity environment that supports regulatory requirements, operational resilience, and enterprise identity modernization initiatives. This role is accountable for centralized identity, authentication, and federation across platforms. What You'll Do: In this role, y ou’ll have the opportunity to be involved with identity platform administration, access & authentication services, e nterprise identity federation & multi-cloud integration, cybersecurity & identity protection, and automation & continuous improvement. You will also: Administer and support Active Directory Domain Services and Microsoft Entra ID, including user, group, and device identity management. Manage hybrid identity synchronization using Entra ID Connect / Cloud Sync, including troubleshooting provisioning and synchronization issues. Maintain directory health, replication, security configuration, and access governance controls. Implement and maintain SSO integrations using SAML, OIDC, OAuth, and LDAP. Configure and manage Conditional Access, Multi-Factor Authentication (MFA), and passwordless authentication policies. Support Privileged Identity Management (PIM) and enforce least-privilege access controls. Implement automated Joiner-Mover-Leaver lifecycle processes and identity governance workflows. Maintain federation between Active Directory, Microsoft Entra ID, AWS, GCP, and enterprise SaaS platforms. Troubleshoot authentication, federation, and provisioning issues across hybrid environments. Support identity integrations with enterprise platforms such as Workday, ServiceNow, AWS, Microsoft 365, and regulated applications. Partner with Cybersecurity to codify rules & investigate identity-related alerts around suspicious authentication activity, and access anomalies. Participate in incident response activities related to credential compromise or privileged access misuse. Implement identity security controls aligned with Zero Trust principles and enterprise security standards. Develop, maintain, and test identity platform disaster recovery (DR) and business continuity procedures. Validate backup, restore, and failover capabilities for directory services. Develop and maintain automation using PowerShell, Microsoft Graph, or scripting to reduce manual provisioning and touchpoints. Who You Are: ​ You have a minimum of Bachelor’s degree in Information Technology, Computer Science, or related discipline as well as 5 years of experience supporting enterprise Identity & Access Management or Directory Services. You are or you have: Strong hands-on experience with Active Directory (users, groups, GPOs, trusts, replicatio ... (truncated, view full listing at source)