SailPoint / CyberArk IAM Developer

The SailPoint/CyberArk IAM Developer is responsible for designing, developing, integrating, and maintaining enterprise Identity and Access Management (IAM) solutions across SailPoint IdentityIQ/IdentityNow and CyberArk Privileged Access Management (PAM) platforms. This role supports security modernization, Zero Trust initiatives, compliance programs, and missioncritical identity workflows across complex, multicloud environments.

Key Responsibilities

SailPoint IdentityIQ / IdentityNow Development

• Design and implement identity lifecycle workflows, provisioning/deprovisioning processes, and access request/approval models.
• Develop custom connectors, rules, workflows, and integrations using Java, Beanshell, REST APIs, and SailPoint plugin frameworks.
• Configure roles, entitlements, certifications, policies, and SoD controls.
• Build and optimize aggregation, correlation, and reconciliation logic for large-scale identity datasets.
• Support upgrades, patching, and performance tuning of SailPoint environments.

CyberArk PAM Engineering

• Deploy, configure, and maintain CyberArk components including PVWA, PSM, CPM, Vault, and Conjur.
• Develop automated onboarding workflows for privileged accounts, secrets, and application credentials.
• Implement password rotation policies, session recording, access control models, and platform-specific plug-ins.
• Integrate CyberArk with AD, LDAP, cloud platforms, DevOps pipelines, and enterprise applications.
• Support CyberArk hardening, DR, vault maintenance, and compliance reporting.

Integration & Automation

• Build REST/SOAP API integrations between IAM platforms, HR systems, directories, cloud services, and enterprise applications.
• Automate identity workflows using Python, PowerShell, Java, or CI/CD pipelines.
• Support SSO, MFA, and federation integrations (SAML, OAuth, OIDC).

Security, Compliance & Operations

• Implement IAM controls aligned with Zero Trust, NIST, FedRAMP, HIPAA, SOX, or agency-specific frameworks.
• Conduct troubleshooting, root cause analysis, and remediation for identity and privileged access issues.
• Support audit, reporting, and evidence collection for compliance and security assessments.
• Collaborate with security, DevOps, cloud, and application teams to ensure consistent IAM governance.

Required Skills & Experience

• 5 10+ years of IAM engineering experience with at least 3+ years hands-on in SailPoint and CyberArk.
• Strong development experience in Java, Beanshell, PowerShell, Python, or similar scripting languages.
• Deep understanding of identity lifecycle management, RBAC/ABAC, provisioning, and directory services.
• Experience with CyberArk PAM components, platform onboarding, and plugin customization.
• Familiarity with cloud IAM (AWS, Azure, Google Cloud Platform) and DevOps pipelines.
• Strong troubleshooting skills across identity, authentication, authorization, and integration layers.

Preferred Qualifications

• Experience in federal, healthcare, or regulated enterprise environments.
• Knowledge of additional IAM tools (Okta, Ping, Azure AD, BeyondTrust).
• Certifications: SailPoint IdentityIQ Engineer, CyberArk Defender/Sentry, CISSP, or cloud certifications.
• Experience with microservices, secrets management, or containerized IAM deployments.