Identity & Access Management; IAM Engineer

Founded over 35 years ago, First Quality is a family-owned company that has grown from a small business in McElhattan, Pennsylvania into a group of companies, employing over 5,000 team members,while maintaining ourfamilyvalues and entrepreneurial spirit. With corporate offices in New York and Pennsylvania and 8 manufacturing campuses across the U.S. and Canada, the companies within the First Quality group produce high-quality personal care and household products forlargeretailers and healthcare organizations.

Our personal care and household product portfolio includes baby diapers, wipes, feminine pads, paper towels, bath tissue, adult incontinence products, laundry detergents, fabric finishers, and dishwash  addition, we manufacture certain raw materials and components used in the manufacturing of these products, including flexible print and packaging solutions.

Guided by our values of humility, unity, and integrity, we leverage advanced technology and innovation to drive growth and create new opportunities. At First Quality, you’ll find a collaborative environment focused on continuous learning, professional development, and our mission to Make Things Better®.

We are seeking an experienced Identity & Access Management (IAM) Engineer to join our IT team and support a rapidly growing North American–based manufacturing organization working remotely. This role is critical to ensuring secure, efficient, and compliant access to our best-in-class enterprise systems, including cloud based, SaaS and on-prem solutions, as well as a wide portfolio of niche manufacturing and enterprise applications.

• Help develop and enforce IAM policies, standards, and procedures for the enterprise which include both human identities and non-human identities.
• Onboarding/Offboarding - Automating provisioning/deprovisioning via Power Shell or other.
• Manage user lifecycle (provisioning, de-provisioning, RBAC, access reviews) and integrate IAM with cloud services.
• Maintain proper directory health, optimization, and hygiene
• Designing role-based access models ensuring least privilege and segregation of duties.
• Integrate IAM processes with HRMS (Workday) and additional key systems and services (SAP, Salesforce, O365, MES, EAM).
• Configure and maintain Single Sign-On (SSO), Multi-Factor Authentication (MFA), Conditional Access Policies, Privileged Access Management (PAM), Just-in-time (JIT) Access, federation (SAML, OpenID Connect, OAuth,), RADIUS, Public and Private Certificate Authority, Public Key Infrastructure (PKI), Certificate Lifecycle Management (CLM), Certificate-based Authentication (CBA), Passwordless authentication.
• Develop self-service IAM capabilities:
  Self-Service Password Reset (SSPR), Self-Service Access Requests, Delegated Administration.
• Automate IAM workflows and identity lifecycle events via scripting and APIs.
• Monitor IAM operations, generate compliance reports, and support audits.
• Remediate vulnerabilities, misconfigurations, and gaps identified through various sources such as press releases, vendor announcements, ad hoc risk assessments, pen testing, and proactive system reviews.
• Implement service architectures that are robust, highly available, and fault-tolerant.
• Prove Business Continuity and Disaster Recovery (DR) readiness through regular testing
• Troubleshoot and resolve IAM-related issues and support security incident response as part of the 3rd level support team.
• Work closely with the Cybersecurity IAM and IT Infrastructure teams to review and implement security requirements, policies, and tools.
• Partner with Cybersecurity, Compliance and Risk Management, Information Technology, Human Resources, Legal, Facilities, and other business unit or department stakeholders.

• Bachelor’s degree in IT, Computer Science, or related field (or equivalent experience).
• 3–5+ years specific IAM engineering experience or equivalent in a large enterprise.
• Proficiency with Directory Services (Entra  / Azure AD, Active Directory) and IAM Platforms (Okta, SailPoint, or similar).
• Experience integrating IAM with systems like Workday (HRMS) , SAP (ERP),…