IAM Engineer (SSO Configuration & Full Suite Implementation)

Position: IAM Engineer (SSO Configuration & Full Suite Implementation)
Location: Remote
Job Type: Part Time (40-80 Hours per month)

Job Summary:
We are seeking an experienced IAM Engineer to lead the configuration and end-to-end implementation of our Identity and Access Management (IAM) ecosystem, with a strong emphasis on Single Sign-On (SSO) integration. The ideal candidate will have a deep understanding of modern identity protocols, federated authentication systems, user provisioning frameworks, and security compliance.

Key Responsibilities:
Lead the design, configuration, and deployment of IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC).
Integrate SSO across multiple enterprise and cloud applications using SAML, OAuth, OIDC, and SCIM protocols.
Implement full IAM suite features including:
Identity lifecycle management
User provisioning and de-provisioning
Directory services integration (e.g., Active Directory, Azure AD, Okta Universal Directory)
Federation services
Collaborate with application owners and stakeholders to configure SSO for new and existing systems.
Develop and maintain access certification and compliance reporting processes.
Configure automated workflows for identity governance and self-service access requests.
Ensure IAM systems are aligned with security policies, best practices, and compliance requirements (e.g., SOX, HIPAA, GDPR).
Create detailed documentation for configuration, processes, and troubleshooting guides.
Support incident response activities related to IAM services.

Required Skills and Qualifications:
5+ years of hands-on experience with Identity and Access Management systems.
Strong expertise in configuring SSO using SAML 2.0, OAuth 2.0, and OIDC.
Experience with IAM platforms such as *Okta, Ping Identity, Azure AD, ForgeRock, or SailPoint*.
Proven experience in full-cycle implementation of IAM solutions from design through to production support.
Deep understanding of identity lifecycle processes and user provisioning via SCIM or APIs.
Experience with directory services (LDAP, AD), and integration into cloud/SaaS environments.
Familiarity with scripting languages (e.g., PowerShell, Python) to automate IAM tasks.
Knowledge of Zero Trust principles and modern access security models.
Strong communication and stakeholder collaboration skills.

Preferred Qualifications:
Certifications: Okta Certified Professional, Microsoft Certified: Identity and Access Administrator, CISSP, or similar.
Experience with CI/CD integration for IAM configurations and DevSecOps pipelines.
Background in governance tools like SailPoint, Saviynt, or CyberArk for privileged access.
Familiarity with ITIL processes and ticketing systems (e.g., ServiceNow).

Thanks & Regards
Mahesh