IAM Engineer

Job Description Must Have Technical/Functional Skills

• Strong understanding of IAM concepts: RBAC, ABAC, PBAC, SoD, governance workflows.
• Hands on experience with at least one major platform:
• IGA:
  SailPoint / Saviynt / OIG
• SSO/AM:
  Okta / Azure AD / Ping / Forge Rock
• PAM:
  Cyber Ark / Delinea / Beyond Trust
• Proficiency in scripting:
  Power Shell (mandatory), Python preferred.
• Deep understanding of SAML, OAuth 2.0, OIDC, SCIM, JWT.
• Experience with Active Directory, Entra , and directory synchronization tools.
• Familiarity with cloud IAM across AWS / Azure / GCP.

• Identity Governance & Administration (IGA)
• Implement and maintain IGA platforms (e.g., SailPoint, Saviynt, Oracle Identity).
• Manage user lifecycle processes (Joiner–Mover–Leaver).
• Execute role engineering, access certifications, entitlement governance, and SoD controls.
• Develop identity workflows, provisioning connectors, and automated approval processes.
• Access Management / SSO / Federation
• Configure and support SSO integrations using SAML, OAuth 2.0, and OIDC.
• Implement MFA, conditional access, adaptive authentication, and passwordless solutions.
• Manage and troubleshoot identity federation with cloud and on prem applications.
• Support both workforce and B2B/B2C identity requirements.
• Privileged Access Management (PAM)
• Administer PAM tools (Cyber Ark, Beyond Trust, Delinea, Hashi Corp Vault).
• Onboard privileged accounts, manage vaulting, session control, and credential rotation.
• Implement least privilege models and privileged identity workflows.
• Directory Services & Identity Infrastructure
• Manage Active Directory / Entra , GPO policies, domain trust, and conditional access.
• Support LDAP, Kerberos, RADIUS, and identity protocols for infrastructure authentication.
• Troubleshoot identity replication, authentication failures, and directory issues.
• Cloud IAM
• Implement IAM controls for AWS, Azure, and/or GCP (RBAC, service accounts, policies).
• Manage enterprise cloud identity integrations, workload identities, and cloud SSO.
• Support identity posture management and cloud access reviews.
• Automation, Scripting & Dev Ops
• Develop automation using Power Shell, Python, Bash, REST APIs.
• Build integration scripts, provisioning connectors, and identity workflows.
• Use Terraform, CI/CD pipelines, or automation frameworks for IAM deployments.
• Security, Compliance & Governance
• Support audits (SOX, PCI DSS, ISO 27001, FFIEC, HIPAA if applicable).
• Implement identity controls aligned with Zero Trust Architecture.
• Perform risk assessments, access reviews, and provide remediation support.
• Document IAM processes, standards, runbooks, and architectural diagrams.

Salary Range: $100,000 to $120,000 per year

• BACHELOR OF COMPUTER SCIENCE