Sr IAM Software Engineer
Role details
Job location
Tech stack
Job description
The Senior Software Engineer, Identity and Access Management (IAM), will design, build, and operate enterprise IAM solutions across cloud and on-prem environments, including Microsoft Entra ID, AWS Identity Center, and GCP IAM. This hands-on role serves as a technical subject matter expert for identity lifecycle management, RBAC, PIM/PAM, MFA, SSO, and Zero Trust access controls (e.g., Conditional Access and passwordless). You will implement secure integrations using standards such as SAML, OAuth 2.0/OIDC (OpenID Connect), LDAP, Kerberos, NTLM, and SCIM, and drive automation through APIs and scripting. The ideal candidate has experience with platforms such as SailPoint, BeyondTrust, Microsoft Entra ID (Azure AD), and Active Directory, and partners effectively with engineering and governance teams to deliver resilient, audit-ready services.
THE DAY-TO-DAY:
- Define and execute IAM strategy aligned with business and security goals.
- Architect, build, test, deploy, and monitor IAM services across cloud and on-prem.
- Gather and document requirements; align solutions with stakeholders.
- Establish IAM policies, standards, and processes to enforce best practices and reduce risk.
- Collaborate with Engineering, Compliance, IT, and HR to deliver on the IAM roadmap.
- Act as technical lead/SME, providing guidance, escalation support, and driving adoption.
- Automate provisioning and access workflows (JML), deliver integrations, and own service health, monitoring, incident response, and audit support (SOX, PCI, MICS)., * Access to company hotel, food and beverage, retail, and entertainment discounts as well as discounts with company partners on things like travel, electronics, online shopping, and more
- Free meals in our employee dining room
- Free parking
- Health & Income Protection benefits (for eligible employees)
- Professional and personal development through programs and networking opportunities as well as volunteer opportunities in the community
Requirements
- Bachelor's (or equivalent) with 5+ years in IAM and software engineering.
- Experience designing and deploying IAM solutions using platforms like SailPoint, BeyondTrust, and Entra ID (Azure AD).
- Strong knowledge of authentication/authorization standards (SAML, OAuth 2.0, OIDC) and Zero Trust concepts.
- Hands-on experience with Entra ID (hybrid, Conditional Access), AWS Identity Center, and GCP IAM.
- Proficiency in SQL, PowerShell/Python, REST APIs, and automation/integration patterns (JML lifecycle).
- Experience with DevOps/CI-CD tools (e.g., Jenkins, Ansible), IaC (Terraform), and service platforms (ServiceNow).
- Strong troubleshooting skills; familiarity with Oracle identity governance, regulated environments (SOX, PCI, MICS), MFA/passwordless (FIDO2), and SSO integrations.
