Job Description:
We are seeking a Lead IAM Engineer to design and implement a brand-new Identity and Access Management (IAM) setup for a new investment application. This role requires an expert who can build IAM solutions from the ground up using SailPoint, with strong experience in Azure AD, PIM/PAM, and automation scripting. The ideal candidate will bring both deep technical expertise and strong leadership skills to define best practices, guide strategy, and engage with senior leadership including CISO-level visibility.
Key Responsibilities:
- Lead the end-to-end setup and configuration of a new IAM environment using SailPoint.
- Design and implement user account provisioning, access governance, and security role structures.
- Manage Privileged Identity Management (PIM) and Privileged Access Management (PAM) setups and controls.
- Configure and optimize Azure AD components, including conditional access, MFA, nested groups, and advanced group management.
- Develop and maintain automation scripts using PowerShell, SQL, and Java/BeanShell for IAM operations.
- Integrate IAM systems with ServiceNow, APIs, and enterprise data sources for seamless provisioning and de-provisioning.
- Ensure alignment with audit and compliance frameworks such as SOX and ISAE.
- Act as a Subject Matter Expert (SME) to define IAM roadmaps, recommend best practices, and present technical solutions to leadership teams.
Required Skills & Experience:
- 7+ years of hands-on IAM engineering experience, with at least 3 years in a lead or architect role.
- Proven expertise with SailPoint IdentityIQ (design, implementation, and integrations).
- Strong understanding of Azure AD security controls and access management.
- Deep technical experience with PIM/PAM rollout, governance, and privileged account management.
- Advanced PowerShell scripting skills; additional experience with SQL and Java/BeanShell preferred.
- Familiarity with ServiceNow integration, API-based provisioning, and data mapping.
- Solid knowledge of audit/compliance processes and IAM-related regulatory requirements.
- Excellent communication, leadership, and documentation skills.
We are an equal opportunity employer. All aspects of employment including the decision to hire, promote, discipline, or discharge, will be based on merit, competence, performance, and business needs. We do not discriminate on the basis of race, color, religion, marital status, age, national origin, ancestry, physical or mental disability, medical condition, pregnancy, genetic information, gender, sexual orientation, gender identity or expression, national origin, citizenship/ immigration status, veteran status, or any other status protected under federal, state, or local law.