JD North America - Engineer, Identity Governance & Administration

The position of Identity Governance & Administration (IGA) Engineer will deliver best-in-class design, implementation and management of our IGA solution in a large-scale, fast-paced retail environment.

This role requires deep SailPoint Identity Security Cloud (ISC) expertise, strong operational knowledge and the ability to work effectively across security, infrastructure, application and business teams.

This position reports to the Vice President, CISO.

ESSENTIAL DUTIES AND RESPONSIBILITIES:

Include the following. Other duties may be assigned.
* Own the Identity & Access Management (IAM) architecture roadmap with a strong focus on SailPoint ISC, authoritative data sources, and core directory services (Active Directory, Entra )
* Design and govern identity lifecycle and access governance solutions for employees, contractors, vendors and service accounts
* Architect and oversee implementations between IAM platforms and enterprise systems including POS, ERP, e-commerce platforms and cloud workloads
* Define and implement robust a RBAC model, automated provisioning/deprovisioning and identity workflows within Sail Point
* Provide guidance and architectural support for directory service modernization ensuring security and role modelling across hybrid IT estates
* Lead the secure integration of Authentication & Authorization mechanisms (e.g. SAML, OIDC, OAuth2) for internal and customer facing applications
* Support audit and compliance initiatives including PCI-DSS, GDP and internal policy enforcement
* Evaluate new IAM technologies, tools and capabilities to maintain a forward-looking, strategic identity architecture
* Collaborate with business and technical stakeholders to gather requirements and translate them into scalable SailPoint configurations
* Integrate SailPoint ISC with enterprise systems and applications (both on-prem and cloud) via out of the box connectors or custom-built connectors
* Implement identity governance policies, role models, access reviews and segregation of duties (SoD) controls
* Monitor and maintain the health of the SailPoint ISC platform, troubleshoot issues and implement enhancements
* Automate provisioning and de-provisioning for user access across multiple systems
* Participate in security audits and contribute to compliance efforts by providing evidence and supporting documentation
* Stay current with SailPoint updates, new features and industry best practices in identity and access management
* Support hybrid environments by integrating Privilege Cloud with on-prem infrastructure and identity sources (e.g. Active Directory)
* Collaborate with internal colleagues and teams to maintain optimal configuration, availability and performance.
* Participate in security reviews and support audit-related activities related to privileged account governance
* Provide integration support across ITSM ticket systems, SIEMs and CI/CD pipelines to ensure secure Dev Ops practices.
* Perform regular health checks, maintenance and upgrades, and incident resolution for the SailPoint platform.
* Provide level 2/3 support for SailPoint related issues and alerts.
* Document architecture, procedures and incident response playbooks.
* Work with Technology, Security and Application teams to understand access needs across the organization’s systems and cloud environments
* After hours support required.
* Perform other identity Governance tasks as assigned.

QUALIFICATIONS:

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
* SailPoint certification (e.g. SailPoint Identity Now Engineer or Architect)
* Background in broader IAM concepts such as PAM, SSO, or MFA.
* Security certifications such as CISSP, CISM or CCSP are a plus.
* Knowledge of security frameworks, regulatory requirements and compliance standards (e.g. NIST, PCI DSS, GDPR).EDUCATION and/or

EXPERIENCE:

* Proven experience within Identity and Access Management, with significant hands-on experience with SailPoint (preferably ISC)
* Strong understanding of identity lifecycle management, JML,…