Identity and Access Management (IAM) Engineer

The Identity and Access Management (IAM) Engineer is responsible for designing, implementing, and maintaining secure identity solutions that protect firm systems. This role ensures effective access controls, supports audits and compliance requirements, and engages closely with technology, security functions, and business teams. The ideal candidate brings a strong security perspective, hands-on IAM/PAM experience, and the ability to operate effectively in a fast-paced private equity environment., * Build, implement, and maintain IAM/PAM solutions supporting employees, clients, and contractors

• Manage identity lifecycle processes including onboarding, offboarding, role changes, and access reviews
• Coordinate and improve identity platforms such as Okta, Auth0, or similar IAM tools
• Implement and maintain Single Sign-On (SSO), Multi-Factor Authentication (MFA), and conditional access policies
• Support and maintain privileged access management (PAM) controls and least-privilege access models
• Support, administer, and optimize enterprise email security platforms, including threat protection, policy configuration, monitoring, and incident response
• Proactively monitor and respond to identity-related security incidents and access anomalies
• Drive continual improvement processes to enhance the end-user experience, increase technology value, and improve security posture
• Document IAM standards, procedures, and technical configurations
• And other responsibilities as required!

• An identity-focused technologist who demonstrates a solid sense of ownership and accountability
• Comfortable functioning in a dynamic, high-trust financial services atmosphere
• Diligent, with a strong appreciation for controls, auditability, and risk management
• Able to collaborate effectively with IT, Security, Compliance, and business partners
• Proactive in identifying gaps, improving processes, and automating where possible, * Strong understanding of authentication and authorization concepts (RBAC, SAML, OAuth, OIDC, SCIM)
• Familiarity with cloud-first and SaaS-heavy enterprise environments
• Ability to script or automate IAM processes using PowerShell, Python, or similar tools
• Solid understanding of email security concepts (phishing protection, mail flow controls, authentication protocols) and experience supporting enterprise email platforms
• Clear communication abilities and the capacity to explain technical concepts to collaborators without a technical background

Education Preferred:

• Bachelor's degree or equivalent experience in Information Technology, Computer Science, Cybersecurity, or a related field
• Relevant industry certifications such as CISSP, CISM, CCSP, or GIAC are strongly preferred.

Experience:

• 3-5 years of experience handling identity and access management in a corporate environment
• Previous experience in financial services, asset management, or private equity is preferred but not required.

$120,000.00 - $140,000.00

This USD base salary range represents only one component of total compensation for this role and is provided in accordance with local requirements. This role is eligible for a discretionary annual bonus, which is determined based on individual and overall firm performance. In addition to salary and bonus, total compensation may include eligibility for long-term reward programs and a comprehensive total rewards package that may include retirement, health, insurance, paid time off, and wellness programs. Our total rewards offerings are influenced by several business factors, and eligibility for certain components will vary by position and geography. Please note the posted ranges do not apply outside the U.S. and should not be converted to other currencies as a proxy for compensation in other countries.