Senior IAM Engineer

Ensono
Boston, MA
Hybrid

About The Position

The Senior IAM Engineer serves as a technical authority and trusted advisor, leading the design and delivery of Identity and Access Management (IAM) solutions in support of complex application migrations and enterprise security initiatives. Operating within client governance frameworks, this role partners closely with client stakeholders, architects, and security leadership to define IAM strategies, establish integration standards, and guide implementation outcomes. The Senior IAM Engineer is accountable for the technical quality, security posture, and scalability of IAM solutions and provides leadership across the IAM lifecycle—from design and implementation through migration, testing, and operational readiness. While this role remains hands-on, it extends beyond execution to include technical decision-making, architectural leadership, and mentorship, ensuring IAM solutions align with business objectives, regulatory requirements, and enterprise security standards.

Requirements

  • 7+ years of progressive experience in Identity and Access Management engineering, including leadership of complex IAM initiatives
  • Proven experience designing and implementing IAM solutions in large-scale, hybrid, or cloud environments
  • Demonstrated ability to act as a technical authority and advisor, influencing IAM decisions and standards
  • Hands-on expertise with enterprise IAM technologies, including:
      • Privileged Access Management (PAM)
          • CyberArk (Enterprise Password Vault, Privileged Session Manager, Central Credential Provider, Conjur)
          • HashiCorp Vault (secrets engines, policies, authentication methods, dynamic credentials)
      • Authentication / Identity Providers (IDP)
          • ForgeRock (Access Management, Identity Management, Directory Services, Identity Gateway)
          • RSA (SecurID Authentication Manager, MFA, Identity Governance & Lifecycle)
      • User Access & Entitlement Management
          • SailPoint (IdentityIQ, IdentityNow – access certifications, provisioning, role management)
          • ESF (Enterprise Security Framework – entitlement management and access controls)
  • Strong experience with authentication and federation protocols: SAML, OAuth 2.0, OpenID Connect, Kerberos
  • Advanced knowledge of Active Directory, LDAP, and identity integrations
  • Experience with cloud platforms (AWS, Azure) and cloud-native IAM services
  • Strong scripting and automation capabilities (PowerShell, Python, Terraform, or equivalent)
  • Excellent troubleshooting, analytical, and communication skills

Nice To Haves

  • CyberArk Certified Defender or Delivery Engineer
  • HashiCorp Certified Vault Associate / Professional
  • ForgeRock Certified Engineer
  • SailPoint Certified IdentityIQ Engineer
  • RSA Certified Administrator
  • Experience in financial services or highly regulated industries

Responsibilities

  • Lead the design and implementation of IAM solutions across authentication, authorization, secrets management, identity governance, and privileged access domains
  • Define and maintain IAM reference architectures, integration patterns, and best practices aligned to enterprise standards
  • Provide technical recommendations and trade-off analysis balancing security, usability, scalability, and operational efficiency
  • Participate in architecture reviews and influence client IAM roadmaps and modernization strategies
  • Own IAM outcomes for assigned programs and migrations, ensuring solutions meet security, compliance, and performance expectations
  • Lead IAM readiness activities for migrations and cutovers, including risk identification, mitigation planning, and execution support
  • Guide and execute IAM configuration and integrations for SSO, MFA, federation, PAM, and secrets management
  • Develop and enhance accelerators, automation, and self-service capabilities to improve delivery efficiency and consistency
  • Ensure IAM implementations align with enterprise security policies, regulatory requirements, and audit standards
  • Lead or coordinate IAM-related security testing, including authentication/authorization validation and vulnerability assessments
  • Identify IAM risks and proactively recommend remediation or improvement opportunities
  • Serve as a point of escalation for complex IAM issues and defect resolution
  • Mentor junior engineers and review IAM designs, configurations, and documentation
  • Collaborate with application teams, cloud engineers, security operations, and governance partners to drive successful IAM adoption
  • Document IAM architectures, configurations, and operational procedures for long-term sustainability

Benefits

  • Unlimited Paid Days Off
  • Three health plan options
  • 401k with company match
  • Eligibility for dental, vision, short and long-term disability, life and AD&D coverage, and flexible spending accounts
  • Family Forming Benefit including fertility coverage and adoption/surrogacy reimbursement
  • Paid childbearing and paternal leave
  • Education Reimbursement, Student Loan Assistance or 529 College Funding
  • Sabbatical leave
  • Wellness program
  • Flexible work schedule