Identity & Access Management Engineer

About The Position

Requirements

• Strong hands-on experience with Saviynt IGA platform (configuration, workflows, connectors)
• Strong experience with PAM solution CyberArk
• Knowledge of directory services (Active Directory, LDAP), SSO, and federation protocols (SAML, OAuth, OIDC).
• Familiarity with APIs, REST, and scripting languages (PowerShell, Python).
• Proven ability to lead technical teams and manage complex projects.
• Strong problem-solving and analytical skills with minimal supervision and escalate issues as appropriate
• Excellent communication skills for collaboration with stakeholders and vendors.
• Working with an international team and stakeholders (USA, India, Germany, …)
• 5+ years in IAM engineering roles, with at least 2 years focused on Saviynt.
• 2+ years in PAM solutions – focused on CyberArk
• Experience in large-scale enterprise environments.
• Demonstrated understanding of risk and compliance frameworks
• Excellent documentation, written and communication skills
• Must be a detail-oriented, well-organized, self-starter able to work in a dynamic environment with the ability to perform multiple tasks
• Highly motivated individual with the ability to self-start, prioritize, and multi-task

Nice To Haves

• Certification in Saviynt, CyberArk
• Scripting and/or programming skills in technologies, such as PowerShell, SQL, Python, and JSON
• Strong interpersonal and communication skills and the ability to collaborate and work effectively with a wide range of cross-functional teams, vendors, and time zones
• Experience with REST protocols
• Familiarity with standards for SSO technologies such as SAML2, OAuth2
• Must be a team player
• Demonstrated ability to learn new IT and security concepts and technologies quickly

Responsibilities

• Platform Ownership Serve as the subject matter expert (SME) for Saviynt IGA and CyberArk (PAM solution)
• Oversee configuration, customization, and integration of Saviynt and CyberArk with enterprise systems.
• Ensure platform scalability, performance, and compliance with security standards.
• Own all cost related issues (run / maintain / operate) Vendor and partner management for the given applications
• Technical Leadership Work closely with IT leadership on coordinating workload distribution and providing technical guidance.
• Provide mentorship to a team of IDAM engineers, responsible for daily operations and enhancements.
• Define best practices and enforce coding, configuration, and operational standards.
• Identity Lifecycle Management Design and maintain workflows for user provisioning, de-provisioning, and access reviews.
• Implement role-based access control (RBAC) and attribute-based access control (ABAC) models.
• Integration & Automation Develop connectors and integrations between Saviynt/CyberArk and applications (on-prem and cloud).
• Automate identity processes using APIs, scripts, and Saviynt/CyberArk capabilities.
• Security & Compliance Ensure adherence to regulatory requirements (e.g., SOX, GDPR).
• Conduct periodic access certifications and audits.
• Implement controls for privileged access management.
• Incident & Problem Management Troubleshoot and resolve platform issues.
• Perform root cause analysis and implement preventive measures.
• Continuous Improvement Stay updated on Saviynt and CyberArk product roadmap and IDAM industry trends.
• Drive innovation and recommend enhancements to improve efficiency and security.
• Performing other security-related duties as requested

Benefits

• MKS offers a comprehensive benefits package, including health insurance coverage (medical, dental and vision), 401(k) with company match, life and disability insurance, 12 paid holidays, sick time, 15 paid vacation days, [6 weeks fully paid] parental leave, adoption assistance and tuition reimbursement