Senior Identity and Access Management Engineer

About The Position

Requirements

• Bachelor’s degree or equivalent professional experience.
• At least six years of direct Identity and Access Management, cybersecurity, or information security experience.
• At least two years of hands-on experience administering an enterprise IGA platform.
• Hands-on experience with one or more of the following: CyberArk, Saviynt, ObserveIT.
• Hands-on experience administering OKTA, including OKTA Lifecycle Management.
• Strong understanding of identity governance, access controls, and identity lifecycle management.
• Experience creating or improving Joiner, Mover, and Leaver workflows.
• Experience designing, implementing, or supporting Role-Based Access Control.
• Experience with access certifications, access reviews, and entitlement governance.
• At least two years of scripting and automation experience using PowerShell, Python, or an equivalent language.
• Experience integrating identity platforms and enterprise applications using REST APIs.
• Knowledge of SCIM, SAML, API-based provisioning, and identity federation concepts.
• Experience using Postman or similar tools for API testing and validation.
• Strong troubleshooting, analytical, documentation, and problem-solving skills.
• Excellent communication skills, including the ability to explain technical work to business stakeholders and senior leadership.
• Ability to operate effectively in a fast-paced environment, manage changing priorities, and adjust course when needed.
• Strong team-oriented mindset and willingness to collaborate across technical and business groups.

Nice To Haves

• Experience supporting large-scale enterprise identity programs.
• Experience working in healthcare or another highly regulated industry.
• Knowledge of identity governance and security frameworks, including: NIST 800-63, ISO 27001, HITRUST.
• Familiarity with HIPAA and PCI requirements.
• Understanding of Segregation of Duties and confidentiality, integrity, and availability principles.
• CISSP, CISM, or another cybersecurity or identity-management certification.

Responsibilities

• Serve as the primary owner of the company’s Identity Governance and Administration platform and processes.
• Administer and support enterprise IGA and IAM technologies, including CyberArk, Saviynt, ObserveIT, and OKTA.
• Manage user provisioning, de-provisioning, and access changes throughout the employee lifecycle.
• Design, implement, and improve Joiner, Mover, and Leaver workflows.
• Develop and maintain Role-Based Access Control models and access governance standards.
• Support OKTA Lifecycle Management and integrations with enterprise applications.
• Participate in periodic access reviews, access certifications, and entitlement remediation.
• Support Segregation of Duties controls and identify potentially conflicting access.
• Integrate IAM and IGA platforms with enterprise applications using REST APIs, SCIM, SAML, and related protocols.
• Use Postman and similar tools for API testing, troubleshooting, and validation.
• Develop scripts and automation using PowerShell, Python, or equivalent technologies.
• Identify opportunities to replace manual access management processes with scalable automated solutions.
• Support access control audits, risk remediation, compliance reviews, and governance initiatives.
• Work with application owners, security teams, infrastructure teams, and business stakeholders to implement secure access solutions.
• Develop and maintain technical documentation, procedures, standards, and operational runbooks.
• Troubleshoot complex IAM, application-integration, provisioning, and authentication issues.
• Communicate project progress, technical challenges, risks, and recommendations to senior leadership.
• Mentor junior team members and provide technical guidance when needed.
• Contribute to the continuous improvement of the company’s cybersecurity and identity governance programs.