Identity and Access Management Engineer

ECS Tech Inc•Fairfax, VA

17h•Onsite

About The Position

ECS is seeking a proactive and technical Identity and Access Management (IAM) Engineer to join their team in Fairfax, VA. In this role, the engineer will be responsible for delivering end-to-end identity governance solutions, bridging business objectives with technical implementation. The position involves working within infrastructure and engineering teams to advance Identity Governance and Administration platforms, requiring a "full-stack" mindset to handle tasks from technical design and birthright access policies to hands-on development of custom connectors, APIs, and automated provisioning workflows.

Requirements

Bachelor's degree and 5 years of experience or the equivalent job experience.
Extensive hands-on experience with SailPoint (IdentityIQ or IdentityNow).
Strong knowledge of identity lifecycle management, RBAC, and access governance.
Experience with scripting and automation (Python, PowerShell, Bash).
Deep understanding of Active Directory, Entra AD, and LDAP systems.
Strong problem-solving skills with the ability to take initiative (self-starter).
Excellent written and spoken English communication skills.
Ability to work effectively in a virtual, cross-time-zone environment.
Business outcomes mindset with attention to detail.

Responsibilities

Implement, configure, and upgrade enterprise SailPoint (IdentityIQ/IdentityNow) solutions based on functional specifications.
Develop modifications and wrappers for IAM APIs and extend custom connectors, plug-ins, and SCIM/REST integrations for diverse target systems (SaaS, HRMS, IaaS).
Identify opportunities to automate and create organizational value. Develop efficient scripting and workflows.
Engineer automated provisioning and de-provisioning services for application on-boarding and off-boarding, ensuring a seamless user experience.
Design and implement Role-Based Access Control (RBAC) models, Separation of Duties (SoD) policies, and organization access review strategies.
Ensure solutions adhere to regulatory standards (e.g., NIST 800-53, FedRAMP, ISO 27001) and support access certification campaigns.
Apply secure coding practices and maintain a strong understanding of SAML, OIDC, OAuth, and PKI protocols.
Support and maintain IAM environments, including performance tuning, health monitoring, and troubleshooting IGA rules and workflows.
Assist in monitoring, troubleshooting, and providing problem resolutions for end-user issues and platform incidents.
Generate metrics and reporting on identity health, access reviews, and compliance status.
Work collaboratively with cross-functional technical leads and business stakeholders to facilitate application integration.
Create comprehensive technical documentation, including system diagrams, process flows, and operational procedures.