Lead Identity & Access Management

About The Position

Requirements

• 8+ years of experience in Identity & Access Management, Information Security, Cybersecurity Engineering
• Hands‑on experience architecting and engineering IAM solutions in large, complex environments.
• Technical knowledge of IAM concepts including authentication, authorization, federation, directory services, identity lifecycle, access governance, and privileged access.
• Strong experience with at least several of the following technologies/tools: Delinea / Thycotic / Centrify, Azure AD / Entra ID, Active Directory, Group Policy, Kerberos, LDAP, Windows Server, SSO, SAML, OAuth, OIDC
• Automation/Scripting: PowerShell, Python
• Ability to support integrations into Delinea, SailPoint, and Azure AD/Entra ID with a strong skill set for API development and integration.
• Ability to analyze, interpret, and correct data inconsistencies, errors, gaps, and inaccuracies for impact.
• Strong understanding of IAM principles, including details for least privileged, joiner, mover, and leaver operations.
• Strong understanding of workflows from systems of record through many different layers of IAM to application use.
• Strong understanding of Azure AD, including lifecycle management for all account types.
• Strong knowledge of AWS.
• Knowledge of client-server applications, multi-tier web applications, relational databases, and cloud IAM and security tools.
• Strong understanding of SSO, OAuth, OpenID, and SAML.

Nice To Haves

• Experience with the following preferred but not required: SailPoint Identity Security Cloud (ISC), Microsoft Identity Products (MIM PAM, PIM, etc.)
• Experience working in regulated industries preferred (financial services, healthcare, etc.).
• Bachelor’s degree in Computer Science, Information Systems, or related field preferred.
• Preferred certifications: CISSP, CISM, Microsoft Identity certifications, or vendor certifications (SailPoint, Delinea).
• Experience with Workday integrations.

Responsibilities

• Serves as the primary engineer responsible for the PAM platform’s daily function, configuration, and reliability.
• Administer access to the PAM platforms, including onboarding users, roles, and entitlements within the tools
• Configure privileged access workflows, credential vaulting, rotation, session controls, and integrations
• Monitor PAM system performance, availability, errors, and audit logs
• Troubleshoot and remediate PAM‑related issues affecting access, automation, or integrations
• Partner with business and infrastructure teams to onboard new privileged use cases into PAM
• Be the day to day technology owner of identity governance, lifecycle, and authentication platforms by leading: Troubleshooting, Integration validation, Operational execution
• Execute IAM tasks according to established processes and approvals
• Lead application and service integrations with IAM tooling
• Utilize scripting, APIs, and automation to improve IAM operational efficiency
• Assist with configuration changes and platform enhancements under established governance
• Actively supports monitoring, investigation, and response activities related to IAM security signals.
• Support detective IAM controls, including logging, alerting, and access review evidence collection
• Configure and monitor IAM and PAM log activity for anomalous or unauthorized behavior
• Lead identity‑related investigations, incidents, and penetration testing efforts
• Gather and analyze IAM and PAM data for audits, incident response, and forensic activities
• Collaborate with security teams during access‑related security events to assess impact and remediate issues
• Collaborate with application, infrastructure, and security teams and drive projects to implement standardized IAM and PAM practices
• Provide IAM and PAM design input as part of discussions based on operational experience
• Document configurations, procedures, troubleshooting steps, and known issues
• Create and disseminate operational metrics, observations, and improvement recommendations
• Identify recurring issues and propose pragmatic improvements to tooling or processes

Benefits

• Medical, Dental, and Vision
• 401(k) Plan with Company Match
• Short- & Long-Term Disability
• Wellness Programs
• Group Life and AD&D Insurance
• Paid Vacation, Sick Days and bank Holidays
• Employee Engagement Activities including Employee Appreciation Day, DEI Employee Resource Groups, Corporate Social Responsibility, Service Recognition