
Senior IAM Engineer

Job in Oklahoma City, Oklahoma County, Oklahoma, 73113, USA
Listing for: Acrisure
Full Time position
Listed on 2026-06-19
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer, Data Security
Job Description & How to Apply Below
Senior Identity and Access Management (IAM) Engineer

Department: Information Security

Reports to: Senior Director, Information Security

Role Summary

You will be a hands-on IAM engineer who designs, automates, and scales secure identity and access controls across cloud and enterprise environments. You'll build paved-road patterns for identity federation, least privilege, and just-in-time access - ensuring that authentication and authorization boundaries are strong, measurable, and frictionless.

Success in this role means turning identity into an enabler: making secure access seamless for users, applications, and services while maintaining the highest standards of governance and compliance.

What You'll Do (Core Responsibilities)

Architect and Automate Identity Foundations

* Design and maintain secure-by-default IAM architectures across Azure AD / Entra, AWS IAM, and hybrid enterprise systems.

* Develop paved road templates for access control patterns (e.g., federated access, role assumption, service accounts, workload identity).

* Automate provisioning and deprovisioning pipelines using identity APIs, SCIM, and workflow orchestration tools (e.g., SailPoint, Okta Workflows, Azure Automation, or Terraform).

* Implement policy-as-code for IAM guardrails (e.g., least-privilege enforcement, conditional access, MFA requirements, privilege expiration).

Access Control, Federation, and Governance

* Engineer federated identity solutions for users, applications, and partners using SAML, OIDC, and OAuth 2.

* Manage conditional access policies, adaptive authentication, and passwordless strategies to balance security with user experience.

* Define and enforce least privilege for human and machine identities across AWS, Azure, and SaaS platforms.

* Integrate IAM governance with enterprise GRC systems to ensure traceability and audit readiness.

* Partner with AppSec and Cloud teams to secure authn/z boundaries across applications, APIs, and services.

Privileged Access Management (PAM)

* Implement and maintain privileged access vaulting and session control using platforms like CyberArk, BeyondTrust, Delinea, or Azure PIM.

* Automate just-in-time elevation for administrative roles and enforce time-bound access approvals.

* Continuously monitor and remediate excessive privileges across cloud and on-prem accounts.

* Integrate PAM telemetry with SIEM/SOAR for threat detection and behavioral analytics.

Lifecycle and Risk Management

* Automate joiner/mover/leaver processes and identity lifecycle events through API-driven workflows and HR system integrations.

* Conduct periodic access reviews and certifications; deliver evidence for SOC2, PCI, and ISO audits.

* Develop and maintain dashboards for leading indicators (automated provisioning rate, MFA coverage, stale accounts) and lagging indicators (MTTR for access removal, orphaned identities, failed recertifications).

* Prioritize remediation through risk scoring (criticality × exposure × privilege depth) and ensure compliance with internal SLAs.

Detection and Response Integration

* Collaborate with Security Operations to define identity-related detections (impossible travel, lateral movement, privilege abuse).

* Correlate identity events with endpoint and cloud telemetry to identify compromised accounts.

* Assist in incident response for identity-based breaches, credential theft, and access abuse.

Minimum Qualifications

* 5+ years of experience in Identity and Access Management engineering, including multi-cloud and hybrid enterprise environments.

* Strong knowledge of Azure AD / Entra, AWS IAM, and SAML / OIDC / OAuth2 / SCIM protocols.

* Proficiency with identity automation using PowerShell, Python, Terraform, or APIs.

* Experience with PAM platforms (CyberArk, BeyondTrust, or Azure PIM) and IGA tools (SailPoint, Saviynt, or Okta).

* Familiarity with conditional access, MFA enforcement, and passwordless authentication in large-scale environments.

* Understanding of zero trust architecture, least privilege design, and role-based access control (RBAC) principles.

* Proven ability to interpret business access needs and translate them into secure, scalable IAM solutions.

Preferred Qualifications

* Exposure to NIST 800-63, CIS Controls, Zero Trust Maturity Model, and NIST CSF.

* Experience integrating IAM data with SIEM (e.g. Sentinel) and SOAR workflows.

* Relevant certifications such as CISSP, CISM, Azure Security Engineer Associate, AWS Security - Specialty, or Okta Certified Professional.

Behavioral Competencies

* Enablement first: You design access patterns that simplify compliance and make the secure option the default.

* Automation mindset: You codify identity logic and guardrails, reducing manual effort and human error.

* System thinker: You see identity as the connective tissue between applications, infrastructure, and users.

* Risk translator: You clearly articulate the business impact of over-privilege and authentication weaknesses.


Candidates should be comfortable with an on-site presence to support…
Position Requirements
10+ Years work experience