Identity and Access Management Engineer

ECS Tech Inc•Fairfax, VA

19d•Onsite

About The Position

ECS is seeking an Identity and Access Management Engineer to work in our Fairfax, VA office. We are seeking a proactive and technical Identity and Access Management (IAM) Engineer to join our team. In this role, you will be responsible for delivering end-to-end identity governance solutions, serving as a bridge between business objectives and technical implementation. You will work within infrastructure and engineering teams to advance our Identity Governance and Administration platforms. This position requires a "full-stack" mindset: you will handle everything from technical design and "birthright" access policies to the hands-on development of custom connectors, APIs, and automated provisioning workflows.

Requirements

Extensive hands-on experience with SailPoint (IdentityIQ or IdentityNow).
Strong knowledge of identity lifecycle management, RBAC, and access governance.
Experience with scripting and automation (Python, PowerShell, Bash).
Deep understanding of Active Directory, Entra AD, and LDAP systems.
Strong problem-solving skills with the ability to take initiative (self-starter).
Excellent written and spoken English communication skills.
Ability to work effectively in a virtual, cross-time-zone environment.
Business outcomes mindset with attention to detail.
Bachelor's degree and 5 years of experience or the equivalent job experience.

Responsibilities

Platform Implementation: Implement, configure, and upgrade enterprise SailPoint (IdentityIQ/IdentityNow) solutions based on functional specifications.
Custom Integration: Develop modifications and wrappers for IAM APIs and extend custom connectors, plug-ins, and SCIM/REST integrations for diverse target systems (SaaS, HRMS, IaaS).
Automation: Identify opportunities to automate and create organizational value. Develop efficient scripting and workflows.
Identity Lifecycle: Engineer automated provisioning and de-provisioning services for application on-boarding and off-boarding, ensuring a seamless user experience.
Access Control: Design and implement Role-Based Access Control (RBAC) models, Separation of Duties (SoD) policies, and organization access review strategies.
Compliance: Ensure solutions adhere to regulatory standards (e.g., NIST 800-53, FedRAMP, ISO 27001) and support access certification campaigns.
Security Best Practices: Apply secure coding practices and maintain a strong understanding of SAML, OIDC, OAuth, and PKI protocols.
System Maintenance: Support and maintain IAM environments, including performance tuning, health monitoring, and troubleshooting IGA rules and workflows.
Incident Management: Assist in monitoring, troubleshooting, and providing problem resolutions for end-user issues and platform incidents.
Reporting: Generate metrics and reporting on identity health, access reviews, and compliance status.
Team Partnership: Work collaboratively with cross-functional technical leads and business stakeholders to facilitate application integration.
Documentation: Create comprehensive technical documentation, including system diagrams, process flows, and operational procedures.