What are the responsibilities and job description for the Identity & Access Management Engineer position at Meriton?
Job Title: Identity & Access Management (IAM) Engineer
Reports To: Principal Security Architect
FLSA Status: Exempt
Location: Shared Services Office, Irving, TX
Summary
Meriton is seeking an experienced Identity and Access Management (IAM) Engineer. The IAM Engineer is responsible for designing, implementing, and maintaining robust IAM systems to ensure secure access to digital resources. This role involves developing and integrating IAM frameworks, systems, and protocols, including Single Sign-On (SSO), multi-factor authentication, and access controls. The IAM Engineer ensures the confidentiality, integrity, and availability of IAM systems and data, troubleshoots and resolves technical issues, and stays up to date with evolving security threats and solutions.
- Design, implement, and maintain IAM solutions with a focus on Microsoft Entra ID (Azure AD).
- Develop and enforce identity governance policies, role-based access controls (RBAC) and least privilege access models.
- Manage SSO (Single Sign-On), MFA (Multi-Factor Authentication), and Conditional Access Policies for enterprise security.
- Support Azure AD Connect and Hybrid Identity integrations for on-premises and cloud-based environments.
- Monitor and optimize IAM performance, security posture, and compliance with industry standards (e.g., NIST, ISO 27001, CIS).
- Automate IAM tasks using PowerShell, Terraform, or other scripting languages.
- Collaborate with cybersecurity and IT teams to detect and remediate identity-related threats.
- Support audits and compliance efforts by providing reports on identity and access management activities.
- Stay up to date with the latest IAM security trends, vulnerabilities, and Microsoft Entra ID enhancements.
- 5 to 8 years of experience in IAM engineering, with a strong focus on Microsoft Entra ID (Azure AD).
- Experience with Entra ID Governance, Entra Permissions Management, and Azure B2B/B2C.
- Strong knowledge of OAuth, OpenID Connect, SAML, and Kerberos authentication protocols.
- Experience integrating IAM with enterprise applications like Microsoft 365, AWS, Okta, and ServiceNow.
- Proficiency in PowerShell, Python, or Terraform for automation.
- Experience with Privileged Access Management (PAM) solutions such as Microsoft Entra Privileged Identity Management (PIM).
- Familiarity with security frameworks like Zero Trust, CIS Controls, and NIST Cybersecurity Framework.
- Strong analytical, problem-solving, and communication skills.
- Certifications such as Microsoft Certified Cybersecurity Architect Expert, Azure Security Engineer Associate, or CISSP preferred.
- Experience with Active Directory (AD DS), Azure AD Connect, and Federation Services (ADFS) preferred.
- Experience with the design and deployment of identity federation solutions using OAuth 2.0, OpenID Connect (OIDC), and SAML to enable Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Conditional Access across cloud and hybrid environments, reducing unauthorized access risks (preferred).
- Experience with Zero Trust security models, enforcing least privilege access, Just-In-Time (JIT) role elevation, and passwordless authentication using Microsoft Entra ID Privileged Identity Management (PIM), Azure AD Conditional Access, and identity risk analytics to strengthen security posture across enterprise environments (preferred).
- Experience in designing and optimizing API authentication strategies, securing application integrations through the OAuth 2.0 client credentials flow, token expiration policies, and certificate-based authentication to improve security for B2B and B2C services while reducing exposure to session hijacking and token replay attacks (preferred).
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. The workplace is in a corporate office environment and the temperature in the work environment is usually moderate. The position’s primary office is the Shared Services, Irving, TX office; however, telework or work at home, on the road, or in a satellite location for portions of the workweek may occur, depending upon project needs and requirements in coordination with your direct supervisor and/or most senior leader of your department.
Physical Demands
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to use hands to operate the computer keyboard and telephone, and to reach with hands and arms. The employee frequently is required to stand, walk, and sit. The employee is occasionally required to climb or balance and stoop, kneel, crouch, or crawl. The employee must regularly lift and/or move up to 25 pounds. Specific vision abilities required by this job include close vision, distance vision, peripheral vision, depth perception, and ability to adjust focus.