Lead Identity & Access Management Engineer

Location: Harrisburg, PA
Position Type: Hybrid, 1 day per month onsite - Northeast candidates only
Contract Length:  2 years

Position Overview:
Design and implement Identity and Access Management (IAM) solutions to enhance authentication, access control, and security across enterprise applications and platforms. This role involves configuring and managing SSO, MFA, and identity federation, integrating IAM with cloud and on-premise systems, automating processes using scripting and IAM tools, and ensuring compliance with security policies and regulations.

Required Skills:

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• 5–7 years of experience in IAM engineering, with a focus on D365, SailPoint, Entra ID, Azure B2C, and SAP.
• Hands on proficiency in configuring and managing SailPoint, Entra ID, Azure B2C, Azure AD Conditional Access, and SAP IAM modules.
• Strong understanding of IAM protocols such as SAML, OAuth, OpenID Connect, and LDAP.
• Hands-on experience with identity governance tools, role mining, and access certification.
• Experience in shell scripting (PowerShell, Python) for automating IAM workflows.
• Familiarity with integrating IAM systems with hybrid cloud environments.
• Relevant certifications, such as:
• SailPoint Certified Identity Professional
• Microsoft Entra ID Administrator Associate
• Azure Solutions Architect Expert
• SAP Security Certification
• Familiarity with DevSecOps practices and integrating IAM into CI/CD pipelines.

Duties:

• Design and implement Identity and Access Management (IAM) solutions to support seamless authentication for external customers and internal end users using multiple sign-in methods, ensuring a secure and user-friendly experience.
• Enhance IAM integration with enterprise applications, including customization of user journeys, attribute collection, and verification processes to improve customer self-service and identity management. 
• Configure and manage Single Sign-On (SSO), Multifactor Authentication (MFA), and Identity Federation across multiple platforms like Microsoft Dynamics, Power Pages, SAP, Nuance IVR, CoPilot Contact center, Cisco WebEx Contact center.
• Implement Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) policies to enforce least-privilege principles.
• Develop and maintain IAM governance frameworks, including writing policies for ensuring compliance with internal and external regulatory requirements.
• Use tools like Terraform and scripting languages (e.g., PowerShell and Python) to automate IAM processes and user lifecycle management.
• Integrate IAM solutions with cloud platforms, on-premise systems, and third-party applications.
• Manage provisioning, de-provisioning, and access reviews for enterprise users and applications.
• Ensure accurate identity synchronization between D365, SAP, Entra ID, and other systems.
• Utilize Azure Defender, SailPoint, IdentityNow, and other tools to strengthen IAM security posture.
• Monitor IAM systems for unusual activity, ensuring timely detection and remediation of threats.
• Collaborate with cross-functional teams, including IT security, compliance, and business units, to align IAM solutions with organizational goals.
• Provide technical support for IAM-related incidents and escalations.
• Develop and maintain a productive working relationship with technology staff, business owners, project sponsors, vendors, and key clients.
• Lead and participate in project team activities for system work efforts related to enterprise systems.
• Work independently to accomplish the tasks and duties assigned.
• Adhere to and follow all client standards, policies, and procedures.
• Utilize various software and/or technology tools to perform job duties.