IAM Security Engineer

Join to apply for the IAM Security Engineer role at BALIN TECHNOLOGIES LLC
.

Location:

Denver, CO (Hybrid). Industry: Airlines. Mode of Interview:
Video looking for candidates willing to relocate.

• Provide organizational and technical leadership on identity and access management functions.
• Design, deliver, and execute on Identity and Access Governance (IAG) vision and roadmap.
• Implement IAG program management, governance, and lead technical teams to ensure alignment with strategy and vision.
• Support development and implementation of security policies, procedures, and documented security controls.
• Manage and oversee control performance of user access reviews for key systems and applications in the environment (standard and privileged users).
• Manage and oversee performance of role review and segregation of duties control functions.
• Integrate and manage automated IGA solutions that supports privileged and non-privileged user access recertification campaigns.
• Manage a combination of onshore/offshore team members, assuring identity‑related tasks are completed timely and effectively.
• Closely collaborate with Internal and External Audit functions, to assure identity programs and controls are operating effectively to meet compliance requirements.
• Assure appropriate SDLC and change‑related controls are followed when implementing IGA solutions or identity enhancements.
• Support the onboarding of access‑related controls and recurring testing on regulated applications (e.g., SOX, TSA, PCI).
• Establish and enforce control implementation of password and account lockout policies for user and consumer systems/applications.
• Support requirements and implementation of a commercial‑facing consumer single sign‑on (multi‑factor) capability.
• Partner with key stakeholders to develop requirements to design and implement compelling Identity and Access Management (IAM)/Identity Governance & Access (IGA) solutions aligning to corporate strategic goals.
• Conduct discovery workshops and interview business owners for gap analysis and propose best practices and future state.
• Partner and collaborate with business, cybersecurity, systems/network engineering, security administrators, and application owners to prioritize, develop, and deliver identity & access standards, best practices, architecture, and systems to ensure access controls across the enterprise.
• Manage end‑to‑end delivery of projects with hands‑on involvement in development and configuration of IAM/IGA solutions.
• Manage the design and implementation for an enterprise IAM/IGA solution, factoring feeds/interfaces for HR systems, contractor management systems, Active Directory, IT Service Management tools, and downstream applications.
• Oversee Privileged Identity Access (PIM) and Privilege Access Management (PAM) efforts.
• Ensure IAM solutions are meeting security and business objectives and outcomes by establishing metrics that lead to improvement enhancements.
• Stay abreast of current business and industry trends relevant to the industry.
• Monitor progress, manage risk, and ensure key stakeholders are kept informed about progress and expected outcomes.
• Support M&A activities, ensuring that appropriate access control due diligence reviews are performed, risks identified, and mitigation plans are enacted with the appropriate teams.
• Acts as a role model and positive coach/mentor to develop team members in accordance with Frontier behaviors and principles.
• Performs other related duties as assigned.

• Bachelor's degree in computer science, information systems, or related technical field.
• 5+ years of experience in Identity and Access Management (IAM).
• 5+ years of operational experience with ongoing maintenance of Active Directory, Identity and Access Management (IAM) solutions, and/or User Account Management platforms.
• 4+ years of experience configuring and implementing packaged or custom IAM solutions, such as:
  Saviynt, SailPoint, Forge Rock, or equivalent tool.
• 5+ years of experience with control performance on Identity & Access Governance activities: including role‑based access control (RBAC) reviews, access request and certification, and password/account lockout reviews.
• 3+…