IAM Security Engineer
Role details
Job location
Tech stack
Job description
You're invited to join our Enterprise Information Security team, focusing on corporate Identity & Access Management. At Esri, you will work with a close-knit, skilled team in a highly innovative environment. Help us build and operate enterprise single-sign-on (SSO), identity governance, and multi-factor authentication (MFA) solutions, and to develop and enhance automated workflows. We welcome you to join us and use your technical expertise across various IAM products and systems to improve the security, privacy, and daily user experience of your colleagues., * Design, develop, and enhance IAM solutions integrating enterprise applications and security services
- Manage IAM lifecycle processes, including provisioning, de-provisioning, access request and periodic access certification
- Deploy and configure connectors within SailPoint IdentityIQ/IDN for various enterprise systems including custom connectors for home grown applications
- Develop and maintain high-quality, reusable features and components using Java and other scripting languages
- Administer and support LDAP, Single Sign-On (SSO), federation, SAML, OAuth, OIDC and enterprise IAM systems
- Implement and support cloud-based identity platforms such as Microsoft Entra ID
- Engineer and manage identity integrations with ServiceNow, including form development, workflow design, access request catalog items, and automation of approval processes
- Design and manage identity-related workflows in SailPoint to support access governance and provisioning processes
- Support identity and mailbox provisioning and management within Microsoft Exchange Online and on-premises Exchange environments
- Develop and maintain PowerShell automation scripts, and bulk identity updates across Active Directory and integrated system
- Provide Level 2-3 support, ensure SLA compliance, perform access data cleanup and certification, and participate in on-call support as required
- Implement conditional access policies, MFA and governance standards across enterprise applications
- Collaborate cross-functionally with business and technology teams to align IAM processes with organizational needs
Requirements
- 2+ years of experience in IAM planning, implementation, and operations
- 2+ years of Java development experience
- 2+ years developing IAM solutions using SailPoint IdentityIQ
- Foundational knowledge of identity technologies such as SailPoint, Ping, CA, and Entra
- Proficiency managing LDAP directories, Active Directory, REST Webservices, SAML, OIDC, databases, PowerShell
- Strong analytical, problem-solving, and communication skills
- Visa sponsorship is not available for this posting. Applicants must be authorized to work for any employer in the US
- Bachelor's degree in computer science or a related STEM field
Recommended Qualifications
- 1+ years of ServiceNow Form/Workflow development experience is a strong plus
- Experience with CI/CD pipelines
- Experience with AWS, Linux
- Experience with authentication libraries, MSAL, Passport
#LI-TM1
Benefits & conditions
Esri's competitive total rewards strategy includes industry-leading health and welfare benefits: medical, dental, vision, basic and supplemental life insurance for employees (and their families), 401(k) and profit-sharing programs, minimum accrual of 80 hours of vacation leave, twelve paid holidays throughout the calendar year, and opportunities for personal and professional growth. Base salary is one component of our total rewards strategy. Compensation decisions and the base range for this role take into account many factors including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. A reasonable estimate of the base salary range is $73,840-$128,440 USD
