Sr. Cloud IAM Engineer (SSO)

Cloud Identity & Access Management (IAM) Systems Engineer Experience Level: 7+ years in Information Security / IAM Position Summary The Cloud IAM Systems Engineer supports the design, development, integration, and operationalization of enterprise identity and authentication services across onu2011premises and multiu2011cloud environments (AWS, Azure, GCP). The engineer participates in systems engineering activities including authentication, identity provisioning, federation, SSO/MFA, and application onboarding. This role contributes to the endu2011tou2011end engineering lifecycle u2014 from requirements refinement to deployment and operational supportu2014 while ensuring adherence to security, compliance, and architectural standards. This engineer acts as a seasoned technical contributor who collaborates across cloud, application, infrastructure, and cybersecurity teams to deliver secure, scalable IAM solutions. The role has no direct reports but requires influencing crossu2011functional technical teams through expertise and leadership. Key Responsibilities Identity Engineering & Cloud Integration + Design, implement, and maintain Cloud IAM solutions across AWS IAM, Azure/Entra ID, and GCP IAM. + Integrate and support SSO, MFA, identity federation, and authentication flows for enterprise and cloud-native applications. + Implement identity synchronization and automated provisioning workflows between cloud and onu2011prem directory platforms. + Build and configure authentication and federation using OAuth 2.0, OpenID Connect (OIDC), SAML 2.0, SCIM, FIDO, and related standards. Systems Engineering, Deployment & Automation + Participate in story refinement, requirement gathering, and architectural discussions for IAM services. + Build and optimize CI/CD pipelines supporting IAM deployments, policy updates, and configuration changes. + Utilize understanding of networking, virtualization, and data center technologies to support scalable identity systems. + Create and enhance processes for system transformation, dependency mapping, workload management, and environment standardization. Testing, Troubleshooting & Operations + Execute existing test suites (integration, regression, performance), analyze results, identify issues, and drive rootu2011cause resolution. + Support the onboarding of cloud, internal, and thirdu2011party applications into the organization's IAM ecosystem. + Monitor and improve identity performance, authentication reliability, and service availability. Governance, Documentation & Crossu2011Functional Collaboration + Document system designs, integration workflows, deployment steps, and operational runbooks. + Identify gaps in IAM standards or misconfigurations; collaborate with engineering teams to close compliance and architectural gaps. + Work closely with development, cloud, and cybersecurity teams to ensure alignment on IAM requirements and best practices. Required Qualifications + 7+ years of experience in Information Security or Identity & Access Management. + Strong hands-on experience with SSO, MFA, and federation technologies. + Deep expertise in IAM protocols including: + OAuth 2.0, OIDC + SAML 2.0 + SCIM + FIDO + LDAP + Strong experience designing IAM solutions for: + AWS IAM + Azure / Entra ID + GCP IAM + Experience federating cloud applications and building modern authentication flows. + Knowledge of Active Directory, LDAP, MFA solutions, risk-based authentication, and privileged access concepts. + Proficient in Linux & Windows, plus experience with Tomcat, WebLogic, or WebSphere. + Ability to script or program in Python, PowerShell, Bash, Java, JavaScript, or Perl. + Experience deploying large-scale, enterprise/global IAM projects. + Strong communication skills and ability to influence cross-functional partners. + Familiarity with IT security, risk management, and compliance frameworks. Preferred Experience: + Experience with PingFederate, PingAccess, PingDirectory, or PingID for SSO, MFA, and federation. + Experience integrating Ping Identity solutions into cloud IAM environments. + Understanding of identity token mapping, adapters, authentication policies, and directory replication. Soft Skills & Leadership + Ability to influence technical teams without direct authority. + Strong communication and interpersonal skills. + Demonstrated ability to support fast-paced, enterprise-scale IAM initiatives. + Motivation and willingness to learn new cloud and identity technologies. We reserve the right to pay above or below the posted wage based on factors unrelated to sex, race, or any other protected classification. Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. This temporary role may be eligible for the following: + Medical, dental & vision + 401(k)/Roth + Insurance (Basic/Supplemental Life & AD&D) + Short and long-term disability + Health & Dependent Care Spending Accounts (HSA & DCFSA) + Transportation benefits + Employee Assistance Program + Time Off/Leave (PTO, Vacation or Sick Leave) Job Type & Location This is a Contract position based out of Denver, CO. Pay and Benefits The pay range for this position is $60.00 - $78.00/hr. Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following: u2022 Medical, dental & vision u2022 Critical Illness, Accident, and Hospital u2022 401(k) Retirement Plan u2013 Pre-tax and Roth post-tax contributions available u2022 Life Insurance (Voluntary Life & AD&D for the employee and dependents) u2022 Short and long-term disability u2022 Health Spending Account (HSA) u2022 Transportation benefits u2022 Employee Assistance Program u2022 Time Off/Leave (PTO, Vacation or Sick Leave) Workplace Type This is a fully onsite position in Denver,CO. Application Deadline This position is anticipated to close on Mar 31, 2026. h4>About TEKsystems: We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company. The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law. About TEKsystems and TEKsystems Global Services Weu2019re a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. Weu2019re a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. Weu2019re strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. Weu2019re building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at . The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.

Created: 2026-03-19