Senior Identity Engineer jobs in United States

Sunrise Senior Living · 18 hours ago

Senior Identity Engineer

Sunrise Senior Living is committed to empowering residents to lead healthier and happier lives. The Senior Identity Engineer will oversee the enterprise Identity & Access Management platform, focusing on migration to modern authentication and enhancing security protocols.

Assisted Living, Elder Care, Health Care, Medical, Nursing and Residential Care
H1B Sponsor Likely

Responsibilities

Operate and improve hybrid identity (on-prem Active Directory and Entra ID), directory synchronization, and domain/namespace hygiene; plan and execute a staged migration toward an Entra-first model
Lead deprecation of legacy authentication schemes (e.g., ADFS where appropriate), migrate applications to modern federation protocols (SAML, OAuth, OIDC), and document cutover and rollback procedures
Own intake and integration patterns for single sign-on (SSO) across enterprise and third-party applications; enforce standards for claims, groups, roles, and provisioning, and maintain a service catalog
Implement and maintain HR-driven joiner, mover, and leaver (JML) workflows using SCIM, APIs, or ETL processes, including authoritative source mapping, attribute governance, and automated access grants and revocations
Design role-based access control (RBAC) models and dynamic group strategies; codify least-privilege access patterns across directories, applications, and data
Engineer policies for device and user risk, network and location-based controls, and session management; manage authentication methods such as push notifications, TOTP, FIDO2, passkeys, and certificate-based authentication
Define the roadmap for passwordless authentication adoption, implement solutions for targeted populations, and track adoption, support needs, and exceptions
Build and maintain automation using Python and PowerShell for provisioning, policy enforcement, reporting, and configuration drift detection; manage scripts and runbooks in source control
Publish standards, reference integrations, and training materials for IT, HR, and application teams; provide office hours and targeted workshops
Maintain compliance in assigned required training and all training required by state/province or other regulating authorities as applicable to this role to ensure that Sunrise standards are always met
Perform other duties as assigned

Qualification

Active Directory, Azure Active Directory, Identity & Access Management, Python, PowerShell, SAML, OAuth 2.0, OpenID Connect, SCIM, Analytical reasoning, Project management, Communication skills

Required

Programming experience in Python (or similar) and strong PowerShell skills for directory and application automation
Deep experience with Active Directory, Azure Active Directory / Entra ID, and hybrid identity architectures
Hands-on experience with SAML, OAuth 2.0, and OpenID Connect (OIDC), including token and claim design, scopes, consent, refresh and PKCE flows, and session management
Experience designing, operating, and decommissioning ADFS or similar platforms, including secure migration to modern authentication
Proven ability to onboard and maintain large numbers of enterprise applications, standardizing metadata, attribute mappings, and provisioning workflows
Experience with HRIS-driven JML processes, SCIM or API-based provisioning and deprovisioning, orphaned account controls, and access recertification support
Policy design, testing, rollout, and exception handling experience, including passwordless authentication approaches such as FIDO2 and passkeys
Exposure to regulated environments (e.g., HIPAA, SOC 2) and experience supporting audits
Experience using REST APIs or Microsoft Graph API for advanced automation and reporting
Bachelor's degree in Computer Science, Engineering, or a related field, or equivalent practical experience

Benefits

Medical, Dental, Vision, Life, and Disability Plans
Retirement Savings Plans
Employee Assistance Program / Discount Program
Paid time off (PTO), sick time, and holiday pay
MyFlexPay offered to get paid within hours of a shift
Tuition Reimbursement
In addition to base compensation, Sunrise may offer discretionary and/or non-discretionary bonuses. The eligibility to receive such a bonus will depend on the employee’s position, plan/program offered by Sunrise at the time, and required performance pursuant to the plan/program.

Company

Sunrise Senior Living

Sunrise Senior Living is an assisted living center that offers independent living, memory care, and rehabilitative services.

H1B Sponsorship

Sunrise Senior Living has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
[Chart: Trends of Total Sponsorships: 2021 (1)]

Funding

Current Stage: Late Stage
Total Funding: unknown
2013-01-01: Series Unknown
2005-07-01: Series Unknown

Leadership Team

Terry Klaassen, Co-Founder
Marco Trecroce, Chief Technology Officer
Company data provided by crunchbase