About Us
About the Role
Dianthus is growing quickly, and we are looking for a hands-on Systems Administrator with strong Identity and Access Management (IAM) expertise to help us scale securely. You will be the operational owner of our identity platform and access governance program, responsible for “who — and what — has access to what”, covering employee, contractor, external partner (B2B), and non-human (service) identities. This is a high impact role where you will shape our identity lifecycle, strengthen our security posture, and support our SaaS and endpoint environment as we prepare for commercial scale.
We are building a culture of individuals who hold our core principles at the center of our operations, with the goal to elevate the care of our patients’ lives. We are open to you working remotely.
Key Responsibilities
Identity & Access Management
- Own the full identify lifecycle including automated provisioning/deprovisioning, and timely access revocation
- Govern external identities: Entra External ID / B2B guest access, cross-tenant collaboration, access packages, and routine guest access reviews
- Manage non-human identities: service principles, managed identities workload identities, and service accounts, including credential rotation, secret/certificate lifecycle, federated credentials
- Administer ID platform; conditional access policies, new program rollouts, identity protection, risk-based access controls, and Privileged Identity Management (PIM).
- Design and operate SSO and SCIM provisioning integrations across the SaaS application portfolio.
- Lead periodic access reviews and recertification campaigns; maintain least-privilege and role-based access control (RBAC) models across M365, Azure, and SaaS systems.
- Manage privileged access: break-glass accounts, admin role assignments, just-in-time (JIT) elevation, and segregation of duties.
- Establish and enforce external collaboration governance: which tenants can collaborate with Dianthus, what data can be shared, how guest accounts are sponsored, and how they are decommissioned.
- Support IAM audit and compliance evidence collection
- Support the response to identity-related security events in partnership with the cyber team
Endpoint, SaaS & End-User Support
- Manage the MDM/MAM environment for endpoints: configuration profiles, compliance policies, app deployment, enrollment, and remediation workflows.
- Administer the Enterprise tenant including license management, security baselines, and DLP policies.
- Provide day-to-day administration of the SaaS application portfolio, including user and license management, configuration changes, integration health monitoring, and vendor escalations.
- Deliver escalated technical support to end-users across identity, endpoint, productivity, and SaaS application issues, ensuring a high-quality employee experience.
- Support onboarding and offboarding automation, working with internal platforms and HR deliver a seamless, secure experience.
- Partner with our managed services provider (MSP) on escalations, projects, and security operations.
Experience
- 4+ years of hands-on systems administration experience, with at least 2 years with explicit IAM responsibility.
- Strong understanding of IAM principles: identity lifecycle, RBAC, least privilege, separation of duties, access certification, and privileged access management.
- Experience administering B2B / guest identities and external collaboration controls
- Working knowledge of non-human identity management: service principals, managed identities, workload identity federation, and secret/certificate rotation.
- Experience designing and operating SSO and SCIM provisioning integrations for SaaS applications
- Experience with low-code automation platforms for workflow and integration automation.
- Demonstrated experience providing technical support to end-users, with strong customer service orientation and communication skills.
- Strong troubleshooting skills and a security-conscious, service-oriented mindset
- Experience in a regulated industry preferred. (biotech, pharma, healthcare, finance) with exposure to IAM audit controls
- Familiarity with GxP / 21 CFR Part 11 requirements for identify and access controls preferred
- Experience implementing or operating an Identity Governance & Administration (IGA) solution preferred
- Experience with secrets management platforms and integrating them into application workflows preferred
- Microsoft certifications: SC-300 (Identity and Access Administrator) strongly preferred; also MS-102, MD-102, or AZ-104
Skills Required
- 4+ years systems administration experience with at least 2 years of explicit IAM responsibility
- Strong understanding of IAM principles: identity lifecycle, RBAC, least privilege, separation of duties, access certification, privileged access management
- Experience administering B2B/guest identities and external collaboration controls (Entra External ID / cross-tenant guest access)
- Working knowledge of non-human identity management: service principals, managed identities, workload identity federation, credential rotation
- Experience designing and operating SSO and SCIM provisioning integrations for SaaS applications
- Experience with MDM/MAM endpoint management, configuration profiles, compliance policies, enrollment, and remediation
- Experience administering tenant-level M365/Azure services including license management, security baselines, and DLP policies
- Experience with low-code automation platforms for workflow and integration automation
- Demonstrated experience providing technical support to end-users with strong customer service and communication skills
- Experience administering conditional access policies, identity protection, risk-based access controls, and Privileged Identity Management (PIM)
- Experience in a regulated industry (biotech, pharma, healthcare, finance) with exposure to IAM audit controls
- Familiarity with GxP / 21 CFR Part 11 requirements for identity and access controls
- Experience implementing or operating an Identity Governance & Administration (IGA) solution
- Experience with secrets management platforms and integrating them into application workflows
- Microsoft certifications: SC-300 strongly preferred; MS-102, MD-102, or AZ-104 also preferred
What We Do
Dianthus is a biotechnology company dedicated to designing and delivering the next generation of best-in-class monoclonal antibodies with improved selectivity and potency. Led by a multidisciplinary team of seasoned biotech entrepreneurs and scientists, we are pioneering selective antibodies of validated and emerging complement targets to allow people with rare and severe autoimmune diseases live healthier lives to their fullest potential.
.png)







