Overview
Hybrid
$60
Contract - Independent
Contract - W2
Skills
Netskope
Security Assertion Markup Language (SAML)
SailPoint IQ/Identity Now
Okta
BeyondTrust
Job Details
Vaco is seeking a skilled and security-focused IAM Engineer to lead and support modern identity and access management initiatives across cloud and hybrid environments. Our client is going through incredible growth, and this Engineer will join a team to implement the technology roadmap. This role is ideal for an engineer with hands-on experience in Zero Trust architecture, identity lifecycle management, and next-generation access controls. If this aligns with your experience, we’d love to hear from you. Please reach out to the Vaco team today, as we’re looking to schedule interviews immediately.
Core Responsibilities:
- Lead the rollout of Okta FastPass/Device Trust and enforce modern authentication standards.
- Configure and manage Netskope Network Private Access (NPA) for per-application access segmentation.
- Drive CIEM (Cloud Infrastructure Entitlement Management) initiatives, including least privilege access cleanup and proof of concept validation.
- Harden Conditional Access policies in Okta and Azure Entra, aligning with Zero Trust principles.
- Support SAML/OIDC application onboarding, hygiene, and federation management across enterprise apps.
- Design and enforce fine-grained access controls across cloud environments (Azure, AWS, etc.).
- Participate in Azure B2C integration efforts, focusing on external identity flows and secure access models.
- Roll out and manage ZTNA/ZPA solutions such as Netskope or equivalent Zero Trust platforms.
- Support SSPM (SaaS Security Posture Management) tooling to enhance cloud SaaS visibility and control.
- 4+ years in IAM engineering roles with strong identity governance and administration (IGA) fundamentals.
- Deep experience with Okta, Azure Entra ID (formerly Azure AD), and CIEM platforms (e.g., Sonrai, SailPoint, or CloudKnox).
- Experience with ZTNA platforms like Netskope NPA, Zscaler ZPA, or equivalent.
- Familiarity with Azure B2C, including policy configuration and customization.
- Scripting knowledge (PowerShell, Python, etc.) for automation and identity lifecycle management.
- Understanding of SSPM tools (e.g., AppOmni, Adaptive Shield) and SaaS application risk scoring.