IAM Engineer

Must Have Technical/Functional Skills• Strong understanding of IAM concepts: RBAC, ABAC, PBAC, SoD, governance workflows.• Hands on experience with at least one major platform:• IGA: SailPoint / Saviynt / OIG• SSO/AM: Okta / Azure AD / Ping / ForgeRock• PAM: CyberArk / Delinea / BeyondTrust• Proficiency in scripting: PowerShell (mandatory), Python preferred.• Deep understanding of SAML, OAuth 2.0, OIDC, SCIM, JWT.• Experience with Active Directory, Entra ID, and directory synchronization tools.• Familiarity with cloud IAM across AWS / Azure / GCP. Roles & Responsibilities 1. Identity Governance & Administration (IGA)• Implement and maintain IGA platforms (e.g., SailPoint, Saviynt, Oracle Identity).• Manage user lifecycle processes (JoinerMoverLeaver).• Execute role engineering, access certifications, entitlement governance, and SoD controls.• Develop identity workflows, provisioning connectors, and automated approval processes. 2. Access Management / SSO / Federation• Configure and support SSO integrations using SAML, OAuth 2.0, and OIDC.• Implement MFA, conditional access, adaptive authentication, and passwordless solutions.• Manage and troubleshoot identity federation with cloud and on prem applications.• Support both workforce and B2B/B2C identity requirements. 3. Privileged Access Management (PAM)• Administer PAM tools (CyberArk, BeyondTrust, Delinea, HashiCorp Vault).• Onboard privileged accounts, manage vaulting, session control, and credential rotation.• Implement least privilege models and privileged identity workflows. 4. Directory Services & Identity Infrastructure• Manage Active Directory / Entra ID objects, GPO policies, domain trust, and conditional access.• Support LDAP, Kerberos, RADIUS, and identity protocols for infrastructure authentication.• Troubleshoot identity replication, authentication failures, and directory issues. 5. Cloud IAM• Implement IAM controls for AWS, Azure, and/or GCP (RBAC, service accounts, policies).• Manage enterprise cloud identity integrations, workload identities, and cloud SSO.• Support identity posture management and cloud access reviews. 6. Automation, Scripting & DevOps• Develop automation using PowerShell, Python, Bash, REST APIs.• Build integration scripts, provisioning connectors, and identity workflows.• Use Terraform, CI/CD pipel ines, or automation frameworks for IAM deployments. 7. Security, Compliance & Governance• Support audits (SOX, PCI DSS, ISO 27001, FFIEC, HIPAA if applicable).• Implement identity controls aligned with Zero Trust Architecture.• Perform risk assessments, access reviews, and provide remediation support.• Document IAM processes, standards, runbooks, and architectural diagrams.Salary Range: $100,000 to $120,000 per year

Created: 2026-04-02