Identity & Access Management (IAM) Engineer

Overview

Who we are

Collaborative. Respectful. A place to dream and do. These are just a few words that describe what life is like at Toyota. As one of the world's most admired brands, Toyota is growing and leading the future of mobility through innovative, high-quality solutions designed to enhance lives and delight those we serve. We're looking for talented team members who want to Dream. Do. Grow. with us.

An important part of the Toyota family is Toyota Financial Services (TFS), the finance and insurance brand for Toyota and Lexus in North America. While TFS is a separate business entity, it is an essential part of this world-changing company- delivering on Toyota's vision to move people beyond what's possible. At TFS, you will help create best-in-class customer experience in an innovative, collaborative environment.

To save time applying, Toyota does not offer sponsorship of job applicants for employment-based visas or any other work authorization for this position at this time.

Who we're looking for

Toyota Financial Services is seeking a motivated and detail-oriented individual to join our Identity and Access Management (IAM) team. This role offers a great opportunity to build hands-on experience with identity technologies in a dynamic enterprise environment.

We're looking for a PAM Engineer with strong hands-on experience in CyberArk and Centrify, supported by working knowledge of Okta Workforce Identity as a secondary skill. The ideal candidate will be eager to grow their expertise in privileged access management and identity security, with a focus on operational support, automation, and compliance.

The ideal candidate must have hands-on expertise in Privileged Access Management (PAM)-particularly with platforms like CyberArk or Delinea-and proficiency in Okta Workforce Identity, including SSO and MFA.

This role offers a great opportunity to build hands-on experience with identity technologies in a dynamic enterprise environment!

What you'll be doing

• Perform daily operational support for CyberArk and Centrify/Delinea platforms, including:
  • Onboarding and maintaining privileged accounts and safes
  • Managing password rotations, vault health, and policy enforcement
  • Monitoring session management services and resolving session failures
  • Supporting endpoint privilege elevation and least?privilege configurations

• Support and maintain CyberArk and Centrify PAM platforms, including privileged account onboarding, password vaulting, session management, and access controls.
• Respond to incidents involving privileged access failures, credential issues, or security alerts.
• Assist in the administration of privileged access workflows, including provisioning, deprovisioning, and access reviews.
• Support Okta Workforce Identity platform for authentication, SSO, MFA, and user lifecycle management as a secondary responsibility.
• Monitor, troubleshoot, and optimize PAM and IAM integrations to ensure secure and seamless access.
• Monitor, troubleshoot, and optimize Okta integrations and workflows, including federated identity setups, API-based automation, and application onboarding, to maintain high availability, performance, and compliance with security standards.
• Respond to access-related service requests, incidents, and escalations related to privileged accounts.
• Maintain and update documentation for PAM and IAM processes, configurations, and audit controls.
• Collaborate with cross-functional teams to support compliance requirements (SOX, GDPR, PCI-DSS) and security best practices.
• Participate in continuous improvement initiatives to enhance PAM/IAM tools and processes.
• Assist in incident response activities related to privileged access security events.
• Stay current with PAM and IAM trends, technologies, and industry best practices.

What you bring

• 3+ years of experience in Privileged Access Management or Identity and Access Management and Workforce Identity Management.
• Hands-on experience or strong familiarity with CyberArk and Centrify PAM solutions with deep knowledge of credential vaulting, session monitoring, access provisioning, and policy enforcement in enterprise environments.
• Strong operational focus on stability, scalability, and compliance, with proven success integrating PAM with ITSM, SIEM, and infrastructure tools to streamline operations and support incident response.
• Good understanding of Active Directory, PowerShell scripting, account provisioning, and access governance.
• Understanding of identity protocols such as SAML, OIDC, and OAuth2.
• Strong troubleshooting and analytical skills in IAM/PAM environments.
• Familiarity with compliance frameworks such as SOX, GDPR, and PCI-DSS.
• Experience with ITSM and Agile tools like Jira, Confluence, and ServiceNow.
• Good communication skills and ability to collaborate across teams.
• Experience managing and scaling Okta Workforce Identity, with hands-on expertise in SSO, MFA, and automated lifecycle workflows for secure, efficient enterprise access.

Added bonus if you have

• Bachelor's degree in computer science, Information Security, or related field.
• IAM certifications (e.g., SailPoint BA, ISC2 SSCP, CISSP Associate)
• Experience integrating IAM with AWS or Azure

What we'll bring

During your interview process, our team can fill you in on all the details of our industry-leading benefits and career development opportunities. A few highlights include:

• A work environment built on teamwork, flexibility, and respect
• Professional growth and development programs to help advance your career, as well as tuition reimbursement
• Team Member Vehicle Purchase Discount
• Toyota Team Member Lease Vehicle Program (if applicable)
• Comprehensive health care and wellness plans for your entire family
• Toyota 401(k) Savings Plan featuring a company match, as well as an annual retirement contribution from Toyota regardless of whether you contribute
• Paid holidays and paid time off
• Referral services related to prenatal services, adoption, childcare, schools and more
• Tax Advantaged Accounts (Health Savings Account, Health Care FSA, Dependent Care FSA)

Belonging at Toyota

Our success begins and ends with our people. We embrace all perspectives and value unique human experiences. Respect for all is our North Star. Toyota is proud to have 10+ different Business Partnering Groups across 100 different North American chapter locations that support team members' efforts to dream, do and grow without questioning that they belong.

Applicants for our positions are considered without regard to race, ethnicity, national origin, sex, sexual orientation, gender identity or expression, age, disability, religion, military or veteran status, or any other characteristics protected by law.

Have a question, need assistance with your application or do you require any special accommodations? Please send an email to .