Lead IAM Security Engineer

Strategic Staffing Solutions
Lutz, United States of America
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Lutz, United States of America

Tech stack

Microsoft Access
Microsoft Active Directory
Business Systems
Computer Security
Multi-Factor Authentication
Identity and Access Management
Lightweight Directory Access Protocols (LDAP)
OpenID
Role-Based Access Control
Openid Connect
Azure
Security Assertion Markup Language (SAML)
SAP Applications
Single Sign-On
Systems Integration
WS-Security
Scripting (Bash/Python/Go/Ruby)
Enterprise Software Applications
Software Troubleshooting
SailPoint

Job description

We are seeking an experienced Lead IAM Security Engineer with deep expertise in Saviynt Identity Governance & Administration (IGA) to help mature and modernize a large enterprise IAM program.

This is an engineering-focused role designed for professionals who build, improve, and transform IAM capabilities not individuals primarily performing day-to-day administration or ticket-based support. The ideal candidate will drive IAM strategy, automation, governance, and program maturity while partnering with internal stakeholders and third-party service providers.

Success in this role is measured by innovation, problem solving, process improvement, and the ability to deliver long-term IAM solutions that strengthen security, compliance, and operational efficiency.

What We're Looking For

We are interested in professionals who:

  • Challenge the status quo and continuously seek improvements.
  • Identify security gaps and opportunities for modernization.
  • Drive IAM program maturity through engineering and automation.
  • Develop strategic roadmaps and execution plans.
  • Improve governance, compliance, and audit readiness.
  • Build scalable IAM capabilities rather than perform routine operational tasks.
  • Possess an engineering and solution-oriented mindset., * Develop and execute the enterprise Identity & Access Management (IAM) roadmap aligned with business and security objectives.
  • Design and implement Identity Governance & Administration (IGA) solutions using Saviynt.
  • Design, implement, and maintain Role-Based Access Control (RBAC) models and least-privilege access strategies.
  • Develop identity lifecycle workflows for user onboarding, transfers, and offboarding.
  • Build and maintain certification campaigns, access reviews, compliance reporting, and governance processes.
  • Design and enhance authentication, authorization, Single Sign-On (SSO), and access control solutions.
  • Integrate enterprise applications, directories, and identity providers into the IAM platform.
  • Develop custom workflows, scripts, connectors, and automation to improve IAM operations.
  • Monitor and respond to IAM-related security incidents and unauthorized access events.
  • Serve as a subject matter expert during audits and regulatory assessments involving IAM, SOX, PII, and related compliance requirements.
  • Partner closely with Cyber Security, Human Resources, business units, and technology teams to deliver secure and scalable IAM solutions.
  • Identify opportunities to improve automation, governance, and operational efficiency across the IAM environment.

Requirements

Candidates with fewer years of experience but demonstrated success implementing or transforming IAM programs may be considered over individuals with extensive administrative experience., * Approximately 5+ years of Identity & Access Management experience (strong candidates with exceptional accomplishments may also be considered).

  • Hands-on experience with Saviynt Identity Governance & Administration (IGA).

  • Strong understanding of:

  • Identity lifecycle management

  • Role-Based Access Control (RBAC)

  • Least privilege principles

  • Access certifications

  • Identity governance

  • Workflow development

Experience designing and implementing IAM workflows for onboarding, offboarding, and user lifecycle management.

Experience developing custom scripts, connectors, or integrations for IAM platforms.

Strong understanding of enterprise authorization models and organizational security structures.

Experience integrating IAM solutions with enterprise applications, directories, and business systems.

Experience securing enterprise reporting platforms and user privileges.

Knowledge of SAP security concepts, including:

  • SAP authorization concepts
  • Portal security
  • Single Sign-On
  • Directory Services
  • Internet Transaction Server (ITS)
  • Web services security

Experience with Governance, Risk & Compliance (GRC), Segregation of Duties (SoD), and access controls.

Experience supporting compliance initiatives including:

  • SOX
  • NERC CIP
  • NIST
  • PCI

Strong troubleshooting, analytical, and problem-solving skills.

Excellent communication skills with both technical and business stakeholders.

Preferred Qualifications

  • Experience with Active Directory (AD) or LDAP directory services.
  • Experience with Azure Active Directory / Microsoft Entra ID.
  • Experience deploying and supporting Multi-Factor Authentication (MFA).
  • Experience implementing and supporting Single Sign-On (SSO).
  • Experience with SAML and OpenID Connect (OIDC).
  • Experience with privileged access management technologies.
  • Knowledge of Azure AD group administration.
  • Experience supporting hybrid enterprise identity environments.

Apply for this position