Identity and Access Management Engineer

Everforth Ecs
Fairfax, United States of America
1 month ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Fairfax, United States of America

Tech stack

Microsoft Active Directory
API
Application Integration Architecture
Bash
Software as a Service
Human Resources Information System (HRIS)
Infrastructure as a Service (IaaS)
Identity and Access Management
Python
Lightweight Directory Access Protocols (LDAP)
OAuth
OpenID
Performance Tuning
Public Key Infrastructure
Powershell
Role-Based Access Control
Security Assertion Markup Language (SAML)
Secure Coding
Flexi (Photoshop Plugin)
Power Platform Integration
SailPoint

Job description

We are seeking a proactive and technical Identity and Access Management (IAM) Engineer to join our team. In this role, you will be responsible for delivering end-to-end identity governance solutions, serving as a bridge between business objectives and technical implementation.

You will work within infrastructure and engineering teams to advance our Identity Governance and Administration platforms. This position requires a "full-stack" mindset: you will handle everything from technical design and "birthright" access policies to the hands-on development of custom connectors, APIs, and automated provisioning workflows.

Key Responsibilities:

Engineering & Development

Platform Implementation: Implement, configure, and upgrade enterprise SailPoint (IdentityIQ/IdentityNow) solutions based on functional specifications.

Custom Integration: Develop modifications and wrappers for IAM APIs and extend custom connectors, plug-ins, and SCIM/REST integrations for diverse target systems (SaaS, HRMS, IaaS).

Automation: Identify opportunities to automate and create organizational value. Develop efficient scripting and workflows.

Identity Lifecycle: Engineer automated provisioning and de-provisioning services for application on-boarding and off-boarding, ensuring a seamless user experience.

Governance & Security

Access Control: Design and implement Role-Based Access Control (RBAC) models, Separation of Duties (SoD) policies, and organization access review strategies.

Compliance: Ensure solutions adhere to regulatory standards (e.g., NIST 800-53, FedRAMP, ISO 27001) and support access certification campaigns.

Security Best Practices: Apply secure coding practices and maintain a strong understanding of SAML, OIDC, OAuth, and PKI protocols.

Operations & Support

System Maintenance: Support and maintain IAM environments, including performance tuning, health monitoring, and troubleshooting IGA rules and workflows.

Incident Management: Assist in monitoring, troubleshooting, and providing problem resolutions for end-user issues and platform incidents.

Reporting: Generate metrics and reporting on identity health, access reviews, and compliance status.

Collaboration

Team Partnership: Work collaboratively with cross-functional technical leads and business stakeholders to facilitate application integration.

Documentation: Create comprehensive technical documentation, including system diagrams, process flows, and operational procedures.

Requirements

Do you have experience in SailPoint?, Do you have a Bachelor's degree?, * Bachelor's degree and 5 years of experience or the equivalent job experience.

  • Extensive hands-on experience with SailPoint (IdentityIQ or IdentityNow).
  • Strong knowledge of identity lifecycle management, RBAC, and access governance.
  • Experience with scripting and automation (Python, PowerShell, Bash).
  • Deep understanding of Active Directory, Entra AD, and LDAP systems.
  • Strong problem-solving skills with the ability to take initiative (self-starter).
  • Excellent written and spoken English communication skills.
  • Ability to work effectively in a virtual, cross-time-zone environment.
  • Business outcomes mindset with attention to detail.

Apply for this position