Novanta is hiring a Microsoft Identity and Access Management Engineer to join its Information Technology team in a fully remote role based in the United States. The position pays between $101,100 and $161,800 annually, reflecting the specialized expertise this mid-level role demands. Understanding exactly what skills Novanta expects is the first step toward becoming a competitive candidate.
What Novanta Does and Why This Role Matters
Novanta builds engineered components and sub-systems for healthcare and advanced manufacturing industries. Their technology powers minimally invasive surgical tools, robotics, and 3D metal printing systems. Precision and reliability are central to everything the company produces.
The IAM Engineer sits inside the IT department and reports directly to the VP of IT. That reporting structure signals this role carries real organizational weight. Securing access across a global enterprise operating in healthcare adjacent industries is not a minor responsibility.
Core Technical Skills Required
Microsoft Azure Active Directory and Entra ID
Azure Active Directory, now rebranded as Microsoft Entra ID, is the foundation of this entire role. Novanta operates hybrid and cloud-native configurations, meaning you need experience managing both on-premises Active Directory and cloud-based identity environments. Knowing only one side creates a real skill gap.
You should understand directory synchronization tools like Microsoft Entra Connect. Experience managing tenant configurations, domain services, and organizational units matters here. Hybrid identity architecture knowledge is a hard requirement, not a nice-to-have.
Conditional Access, MFA, and SSO
Conditional Access policies control how and when users can access company resources. Configuring these policies based on user risk, device compliance, and location requires careful planning. A misconfigured policy can lock out entire departments or leave systems exposed.
Multi-Factor Authentication deployment and management is another core expectation. You should know how to roll out MFA at scale without disrupting daily operations. Single Sign-On configuration across enterprise applications, including third-party SaaS platforms, rounds out this skill cluster.
Privileged Identity Management and Privileged Access Management
Microsoft Privileged Identity Management controls who holds elevated access and for how long. PAM solutions extend that oversight further into sensitive systems and administrative accounts. Both require a deep understanding of least-privilege security principles.
Novanta explicitly lists PIM and PAM administration as key responsibilities. You need hands-on experience with access reviews, just-in-time access provisioning, and audit reporting. These are not skills you can fake through surface-level familiarity.
User Lifecycle and Role-Based Access Control
Managing user lifecycle processes means handling provisioning when someone joins, modifying access as roles change, and de-provisioning accounts immediately when someone leaves. Gaps in this process create serious security vulnerabilities. Automated workflows using tools like Microsoft Identity Governance are increasingly standard.
Role-Based Access Control requires mapping job functions to the minimum permissions needed to perform them. This is meticulous, ongoing work. Enterprises like Novanta with global operations across 26 offices accumulate complex permission structures over time.
Supporting Technical Knowledge
Beyond the core IAM stack, several adjacent technical skills strengthen your profile significantly. Novanta operates across multiple regions, meaning cross-tenant identity scenarios are realistic. Familiarity with Microsoft 365 security features and the Microsoft Defender for Identity product adds relevant depth.
Scripting skills matter for automating repetitive IAM tasks. PowerShell is the standard language for Microsoft environments and you should be comfortable writing and maintaining scripts for user management tasks. Basic knowledge of Microsoft Graph API is increasingly expected for modern IAM engineering work.
Understanding Zero Trust architecture principles is another asset. Zero Trust assumes no user or device should be trusted by default, which aligns directly with how Novanta likely structures its security posture in a hybrid work environment.
Security Mindset and Compliance Awareness
Novanta describes the ideal candidate as having a strong security mindset. That phrase carries real meaning in this context. The company serves healthcare-adjacent industries where data protection and regulatory compliance intersect with identity management daily.
Familiarity with frameworks like NIST, ISO 27001, or SOC 2 demonstrates that you understand identity management within a broader governance context. You do not need to be a compliance specialist. You do need to understand how IAM decisions affect audit outcomes and regulatory standing.
Incident response awareness is also valuable. Knowing how compromised accounts are detected, contained, and remediated shows you think about identity security proactively, not just administratively.
Soft Skills Novanta Expects
Novanta openly emphasizes teamwork, collaboration, and empowerment in its culture description. These are not just recruitment buzzwords for this organization. The IAM Engineer works across departments and must communicate technical access decisions to non-technical stakeholders regularly.
Clear written and verbal communication helps when explaining why a Conditional Access policy blocks a specific workflow or why a privileged account request requires additional review. Being technically right but unable to explain your reasoning creates friction at the organizational level.
Problem-solving under pressure is another soft skill this role demands. Identity issues, like a broken SSO integration or a locked privileged account during a critical operation, often surface at inconvenient times. Staying methodical when urgency is high separates strong engineers from average ones.
Attention to detail is non-negotiable in access management work. A single misconfigured permission or overlooked de-provisioning task can become a serious security incident. The nature of the work rewards people who naturally double-check their own outputs.
Experience Requirements
Novanta lists 3 to 5 years of hands-on experience with Microsoft IAM technologies as the baseline. This is a mid-level position, not an entry-level one. Candidates who have only studied these tools without deploying them in real enterprise environments will likely fall short.
Experience in a hybrid identity environment carries extra weight here. Many organizations are still managing the transition from purely on-premises Active Directory to cloud-first identity models. Engineers who have navigated that transition bring practical knowledge that classroom training cannot replicate.
Prior exposure to global or multi-region enterprise environments is also advantageous. Novanta operates across the Americas, Europe, and Asia-Pacific. Understanding how time zones, regional compliance requirements, and distributed user populations affect IAM strategy shows readiness for that complexity.
How to Build These Skills
Microsoft offers a dedicated learning path called Microsoft Certified: Identity and Access Administrator Associate, mapped to exam SC-300. This certification directly covers Azure AD, Entra ID, Conditional Access, PIM, and identity governance. Earning it demonstrates structured, verified knowledge to hiring managers.
Setting up a free Microsoft 365 Developer tenant gives you a sandbox environment to practice configurations without risking production systems. You can deploy Conditional Access policies, configure MFA, and test PIM workflows hands-on. Practical lab work builds the muscle memory that certifications alone cannot provide.
Contributing to IAM-related projects at your current employer, even in a supporting role, accelerates experience accumulation faster than self-study alone. Volunteering to document access review processes or assist with a provisioning workflow audit builds a portfolio of real-world contributions worth discussing in interviews.
Following Microsoft's official security blog and the Entra ID product roadmap keeps your knowledge current as the platform evolves rapidly. IAM engineering requires continuous learning because the threat landscape and the technology both change constantly.
Novanta is looking for someone who can operate independently, protect a complex enterprise environment, and communicate effectively across a global organization. The salary range reflects the genuine expertise this role requires. Candidates who combine verified technical skills, real hands-on experience, and strong collaboration instincts are the ones who stand out for this position. Apply for the Novanta Microsoft IAM Engineer role here.
