Job Title: IAM Security Specialist
Job ID: 95319
What you’ll be doing:
The IAM Security Specialist plays a pivotal role in implementing role-based access and group policy with the Infrastructure Team. This individual is responsible for the comprehensive management and oversight of the Active Directory (AD) & Entra ID environment, including the design, deployment, maintenance, and optimization of the directory services. Additionally, this role involves troubleshooting complex issues related to Active Directory, authentication protocols and access control, ensuring robust backup and recovery strategies for identity management, and upgrading systems to mitigate potential security threats.
Responsibilities include:
- Key responsibilities encompass user and group management, establishing rigorous Group and Azure Policies, executing security measures, and ensuring system compliance with industry standards. The role collaborates closely with the Development Team and other members of the Infrastructure Team to integrate AD services with various systems and applications, maintains up-to-date documentation, and conducts regular security and performance monitoring.
- Additionally, this role involves troubleshooting complex issues related to Active Directory, authentication protocols and access control, ensuring robust backup and recovery strategies for identity management, and upgrading systems to mitigate potential security threats.
Minimum Qualifications
To facilitate proper credit. your resume must clearly describe your experience and skills in the areas listed below and indicate the beginning and ending month and year for each job held.
Position requires a minimum of four (4) years of information technology experience that includes all the following:
- Four (4) years of information technology experience that includes administering and supporting Active Directory, Entra ID, identity management systems, and Group Policy in a hybrid environment.
- Experience implementing and managing Identity and Access Management (IAM) systems, including SSO frameworks, authentication protocols, and access controls.
- Hands-on experience with security tools such as Microsoft Defender, Defender XDR, Sentinel, ADManager Plus, and ADAudit Plus, including monitoring, alert response, and compliance reporting.
- Knowledge of security best practices, identity governance, zero-trust principles, and regulatory requirements applicable to identity and access management.
- Ability to troubleshoot complex directory, authentication, and access-control issues, including AD DS, GPOs, ADFS, DNS, and DHCP-related identity dependencies.
Ability to communicate effectively with individuals with a wide range of backgrounds, who do not share your same culture, ethnicity, language, or other common experiences.
*A master’s degree in information technology or a related field substitutes for eighteen months of experience, OR a related bachelor’s degree substitutes for one year, OR a related Associate’s substitutes for six months.
Preferred Qualifications
- Bachelor’s degree in Information Technology, Computer Science, or a related field, or equivalent professional experience in identity administration and global policy design.
- Advanced proficiency with Active Directory/Entra architecture, including forests, domains, trusts, RBAC design, and hybrid identity integration.
- Experience automating identity and access processes, including PowerShell scripting, automated access reviews, and workflow-based provisioning/deprovisioning.
- O365/Entra/Azure administration experience, including PIM, MFA, conditional access, and cloud certificate management.
- Experience leading identity-focused projects and collaborating with cross-functional IT, security, and vendor teams.
- Professional certifications such as CIAM, CIMP, Microsoft security/identity certifications, or other IAM-related credentials demonstrating ongoing professional development.
Additional Requirements
This position requires successful completion of the following:
The Minnesota State Lottery will conduct a criminal background check and fingerprint check at the time of job offer for all prospective new employees. The Minnesota State Lottery cannot hire any person who's been convicted of a felony or a crime involving fraud or misrepresentation within five years of employment or who's ever been convicted of a gambling-related offense
In addition, the Minnesota State Lottery will perform the following background checks:
- Employment Reference Checks (includes review of personnel file for current and former State of Minnesota employees)
- SEMA4 Records Check (for current and former State of Minnesota employees)
- Driver’s License Records Verification
Posting Dates: 7/7/26 through 7/14/26