IAM Engineer

Job Overview

As an IAM Engineer specializing in SailPoint Identity Governance, you will be critical in securing enterprise identities, ensuring compliance, and supporting access management policies. You will design and manage IAM processes, configurations, and integrations while collaborating with cross-functional teams to improve the organization's security infrastructure.

Key Responsibilities

• SailPoint IGA Implementation & Configuration:
• Configure and deploy SailPoint IdentityNow or IdentityIQ solutions for user provisioning, access reviews, and governance automation.
• Develop custom workflows, rules, and policies to manage the identity lifecycle.
• Integration & Maintenance:
• Integrate SailPoint with various enterprise applications (on-premises and cloud), such as Active Directory, AWS, Azure, Workday, etc.
• Perform system upgrades, patches, and maintenance to ensure IAM systems remain secure and up to date.
• Access Control & Compliance:
• Implement role-based access control (RBAC), attribute-based access control (ABAC), and least privilege models.
• Support audit and compliance requirements, including access certifications and reporting.
• Identity Lifecycle Management:
• Define and implement provisioning, de-provisioning, and re-certification processes.
• Work closely with HR, IT, and business units to ensure appropriate access is granted and revoked.
• Security Operations & Monitoring:
• Continuous monitoring and remediation of access anomalies or violations must be conducted.
• Collaborate with Security Operations to support incident response related to identity access breaches.
• Technical Documentation & Training:
• Create and maintain system documentation, including technical specifications, workflows, and knowledge transfer materials.
• Mentor and train junior team members or administrators on SailPoint functionalities.
  

Required Skills And Experience

• 3-5 years of experience in Identity and Access Management (IAM) with a focus on SailPoint IGA solutions (IdentityNow or IdentityIQ).
• Strong understanding of identity lifecycle management, access provisioning/de-provisioning, access reviews, and role management.
• Experience integrating IAM systems with various enterprise tools, such as:
• Active Directory
• Azure AD
• HR systems (Workday, SAP, etc.)
• Cloud platforms (AWS, Azure, GCP)
• Proficiency in developing custom connectors, workflows, and policy configurations in SailPoint.
• Knowledge of authentication protocols (SAML, OAuth, OpenID, LDAP) and APIs.
• Familiarity with compliance frameworks (SOX, PCI-DSS, GDPR, etc.) and access audits.
• Strong scripting/programming experience (Java, Beanshell, PowerShell, or Python) is a plus.
  

Preferred Qualifications

• SailPoint certifications include SailPoint Certified Engineer or SailPoint IdentityIQ Implementation Specialist.
• Experience with other IAM tools such as Okta, CyberArk, ForgeRock, or Ping Identity.
• Hands-on knowledge of Privileged Access Management (PAM).
• Security certifications such as CISSP, CISM, or CompTIA Security .