IAM Engineer

This role will design, implement, and maintain Identity and Access Management solutions that protect enterprise resources and ensure the right users have the right access at the right time. The ideal candidate brings hands-on experience with modern IAM platforms, directory services, and federation protocols, and is comfortable operating in a collaborative, fast-paced security organization.

Responsibilities: 

• Govern directory services (Active Directory, Azure AD/Entra ID, LDAP) including user provisioning, de-provisioning, group management, and policy enforcement
• Implement and manage role-based access control (RBAC) and attribute-based access control (ABAC) frameworks across enterprise applications
• Govern federation protocols (SAML 2.0, OAuth 2.0, OIDC) for both cloud and on-premises integrations
• Support Privileged Access Management (PAM) operations including onboarding privileged accounts, session recording, and credential vaulting
• Collaborate with application owners and IT teams to onboard new applications into the IAM ecosystem and ensure consistent access governance
• Monitor IAM systems for anomalies, investigate access-related incidents, and support forensic analysis when required
• Assist in developing and maintaining automation scripts for identity lifecycle workflows, access provisioning, and reporting
• Conduct periodic access reviews and work with the Risk and Governance team to ensure access certifications are completed on time
• Contribute to IAM policies, standards, and procedures in alignment with security frameworks (NIST, CIS, ISO 27001)
• Evaluate emerging IAM technologies and provide recommendations to improve the security posture
• Provide Tier 2/3 support for IAM-related incidents and service requests