IAM Senior Engineer

Location: Blue Bell, PA Remote

Role Overview

The IAM Senior Engineer is a hands-on technical lead responsible for designing, implementing, supporting, and optimizing Identity & Access Management (IAM) solutions. The role focuses on onboarding applications, building automation and integrations, customizing IAM platforms (SailPoint, Okta, CyberArk), and driving improvements to governance, security, and operational efficiency. This position requires 5-8 years of relevant experience and the ability to lead complex IAM projects and resolve technical issues across the IAM stack.

Responsibilities

• Lead design, implementation, and support of IAM systems and subsystems.
• Onboard applications to IAM platforms such as SailPoint, Okta, and CyberArk.
• Develop and maintain custom connectors, integration components, and automation for provisioning, de-provisioning, and access lifecycle processes.
• Customize SailPoint workflows and extend platform functionality using Java, Beanshell, and REST APIs.
• Implement and enforce Identity Governance and Administration (IGA) concepts including RBAC, entitlement modeling, and access certifications.
• Develop and maintain integrations with target systems (HR, AD/LDAP, SaaS apps, databases, etc.).
• Troubleshoot, debug, and resolve production issues; perform root cause analysis and deliver remediation plans.
• Create technical design docs, runbooks, and knowledge-transfer materials; mentor junior engineers.
• Collaborate with security, application, and infrastructure teams to ensure secure and compliant access controls.
• Participate in change management, release deployment, and process improvement initiatives.

Required Qualifications

• 5-8 years of hands-on experience in IAM engineering, identity governance, or related security engineering roles.
• Proven experience onboarding applications to SailPoint, Okta, and CyberArk.
• Strong expertise in Identity Governance and Administration (IGA), Role-Based Access Control (RBAC), entitlement modeling, and access certification campaigns.
• Experience customizing SailPoint (IdentityIQ or IdentityNow) workflows and policies.
• Proficiency with Java and Beanshell scripting; demonstrable experience calling and building REST API integrations.
• Experience developing custom connectors and integrations between IAM platforms and target systems.
• Solid understanding of authentication/authorization protocols (SAML, OAuth/OIDC), LDAP/AD, and provisioning standards (SCIM).
• Experience with CI/CD, automated deployments, and test automation for IAM components.
• Strong troubleshooting, problem-solving, and communication skills.
• Ability to work onsite in Blue Bell, PA and collaborate with cross-functional teams.

Desired Skills

• Experience with CyberArk Privileged Access Management (PAM) administration and onboarding.
• Hands-on experience with Okta advanced features (lifecycle management, SCIM, custom apps).
• Familiarity with cloud identity integrations (Azure AD, AWS IAM) and hybrid identity architectures.
• Experience with access review tools, certification campaign automation, and governance reporting.
• Background in security/compliance frameworks (SOX, HIPAA) and audit remediation for access controls.

What You''ll Bring

• A pragmatic, security-first mindset with attention to operational stability.
• Ability to lead technical efforts, produce high-quality documentation, and mentor teammates.
• Track record of delivering IAM integrations and improving access governance processes.