Senior IAM Security Engineer

IAM Security Engineer

12+ month contract (W2 ONLY, NO C-C)
Austin, TX (Hybrid)

• Lead the cleanup, hardening, and optimization of federation configurations (Ping Federate, Forge Rock).
• Manage and remediate Active Directory group memberships, permissions, and delegation models to enforce least privilege.
• Design and implement Role-Based Access Control (RBAC) across enterprise systems.
• Support access recertification and identity posture improvement initiatives.
• Collaborate with red and blue teams to simulate identity-based attacks and enhance detection and response capabilities.
• Contribute to threat modeling and adversary simulation efforts targeting identity and access infrastructure.
• Implement and manage privilege controls using LAPS, GPOs, and local admin policy frameworks.
• Harden Windows servers and endpoints to reduce identity exploitation risk.
• Enforce Privileged Access Management (PAM) practices using Cyber Ark or equivalent tools.
• Identify and remediate misconfigurations that could lead to privilege escalation or lateral movement.

• 5+ years of experience in IAM engineering or identity-focused security roles.
• Strong expertise in Active Directory, LDAP, and Group Policy management.
• Hands-on experience with federation technologies such as Ping Federate, Forge Rock, or RSA.
• Proven ability to design and maintain RBAC and access governance frameworks.
• Deep understanding of Windows privilege management, GPOs, and PAM implementations (Cyber Ark, Beyond Trust).
• Familiarity with offensive security tools and techniques targeting Windows and identity systems.
• Working knowledge of MITRE ATT&CK identity-based tactics.
• Proficiency in Power Shell or Python for automation and analysis.

• Experience with Silverfort or other identity threat detection tools.
• Exposure to Endpoint Detection and Response (EDR) platforms.
• Relevant certifications such as CISSP, GIAC, or equivalent IAM/security credentials.

Estimated Min Rate: $52.50
Estimated Max Rate: $80.00

• Medical, Prescription, Dental & Vision Benefits (for employees working 20+ hours per week)
• Health Savings Account (HSA) (for employees working 20+ hours per week)
• Life & Disability Insurance (for employees working 20+ hours per week)
• Met Life Voluntary Benefits
• Employee Assistance Program (EAP)
• 401K Retirement Savings Plan
• Direct Deposit & weekly epayroll
• Referral Bonus Programs
• Certification and training opportunities

Yoh, a Day & Zimmermann company, is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

For additional information about accommodations or privacy notice, refer to Yoh Accessibility and Candidate Privacy Notice.