Identity & Access Management (IAM) Engineer

Job Title: Identity & Access Management (IAM) EngineerLocation: Hybrid - DallasDepartment: Information TechnologyReports To: Lead Security EngineerPosition SummaryWe are seeking a highly skilled Identity & Access Management (IAM) Engineer to design, implement, and manage secure identity solutions across our enterprise environment. This role is responsible for enforcing least-privilege access, strengthening authentication controls, supporting regulatory compliance (CMMC/NIST), and enabling secure digital transformation across cloud and on-premise platforms.The IAM Engineer will partner with IT Infrastructure, Data, Security, HR, and Application teams to ensure identity governance, lifecycle automation, privileged access management, and zero-trust principles are consistently applied across the organizatioKey ResponsibilitiesIdentity Architecture & EngineeringDesign and maintain IAM architecture across:Microsoft Entra ID (Azure AD)Active Directory (on-prem)Microsoft 365VPN and network authentication systemsEnterprise SaaS platforms (Salesforce, BC, etc.)Implement and manage Single Sign-On (SSO) and federation (SAML, OAuth, OIDC)Architect Conditional Access policies and Zero Trust controlsImplement and enforce MFA across all systemsIdentity Governance & Lifecycle ManagementAutomate Joiner / Mover / Leaver (JML) processes integrated with HRISBuild and maintain Role-Based Access Control (RBAC) frameworkImplement access certification and periodic access reviewsEnsure timely deprovisioning and segregation of duties enforcementSupport M&A integrations (rapid identity consolidation within 30 days)Privileged Access Management (PAM)Deploy and manage privileged access controls (PIM, just-in-time access)Enforce tiered admin model and privileged session monitoringReduce standing privileged access across all systemsMaintain break-glass account governance and monitoringCompliance & Risk ManagementSupport CMMC, NIST 800-171, and internal audit requirementsMaintain documentation for identity controls and audit evidenceParticipate in risk assessments and control testingMonitoring & Incident ResponseIntegrate identity logs with SIEM/SOC platform (e.g., Arctic Wolf)Investigate anomalous login behavior and identity-based threatsImplement identity threat detection and response controlsQualifications and SkillsEducation and Experience5+ years of experience in IAM, Identity Engineering, or Security EngineeringStrong hands-on experience with:Microsoft Entra ID (Azure AD)Active Directory (GPOs, OU design, hybrid identity)MFA and Conditional AccessSSO and federation protocols (SAML, OAuth, OIDC)Experience with Privileged Identity Management (PIM/PAM)Understanding of Zero Trust architecture principlesExperience supporting compliance frameworks (NIST, CMMC, SOC 2, ISO 27001)PowerShell scripting and automation experienceExperience in hybrid cloud environmentEQUAL OPPORTUNITY EMPLOYER | DRUG-FREE WORKPLACEShermco is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or veteran status. Shermco is a drug-free workplace.NO AGENCIES PLEASEUSD $110,000.00 - USD $120,000.00 /Yr.

Created: 2026-03-09