Senior Identity and Access Management (IAM) Engineer

Job Title: Senior Identity and Access Management (IAM) Engineer

Location: Hybrid, Maplewood, MN. On site Tuesdays & Thursdays

Duration: 6+ Months (Extendable)

Job Description:

We are seeking an experienced Senior Identity and Access Management (IAM) Engineer to join our cybersecurity team. In this role, you will design, implement, and manage our identity and access management infrastructure to ensure secure authentication and authorization across our organization's systems and applications.

Responsibilities

Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Privileged Access Management (PAM)

Lead the development and implementation of IAM policies, standards, and procedures aligned with industry best practices and compliance requirements

Excellent problem-solving skills to identify, troubleshoot and resolve issues related to directory services and infrastructure

Responsible for the overall hygiene of Active Directory

Configure and administer directory services (Active Directory, LDAP, Azure AD)

Design and implement federation services with third-party applications and cloud services

Conduct regular access reviews and maintain audit trails for compliance purposes

Troubleshoot and resolve complex IAM-related issues

Evaluate new IAM technologies and recommend improvements to existing infrastructure

Collaborate with security, IT, and development teams to integrate IAM solutions with applications and systems

Document IAM architecture, configurations, and procedures

Mentor junior team members on IAM best practices and technologies

Required Qualifications:

Bachelor's degree in Computer Science, Information Security, or related field (or equivalent work experience)

8+ years of experience in IAM Engineering

Strong experience with IAM technologies such as Microsoft Entra ID (Azure AD), Strata, or similar platforms

Expertise in directory services (Active Directory, LDAP)

Experience with federation protocols (SAML, OAuth, OIDC)

Knowledge of identity governance and administration practices

Experience with privileged access management solutions

Understanding of cloud identity management in AWS, Azure, or Google Cloud Platform

Strong scripting and automation skills (PowerShell, Python, SQL, etc.)

Experience with API integration for identity management

Extensive hands-on knowledge of identity and access management best practices, procedures, and capabilities.

Preferred

Relevant certifications (e.g., CISSP, CISM, CCSP, vendor-specific certifications)

Experience with Zero Trust security models

Knowledge of compliance frameworks (SOX, HIPAA, PCI-DSS, ISO 27001, etc.)

Experience implementing IAM in containerized and microservices environments

Familiarity with DevSecOps practices

Experience with Customer Identity and Access Management (CIAM) solutions

Knowledge of PKI infrastructure and certificate management

Key Skills

Strong analytical and problem-solving abilities

Excellent communication and documentation skills

Project management capabilities

Ability to translate business requirements into technical solutions

Security-focused mindset with attention to detail

Education:

Bachelor's degree in Computer Science, Information Security, or related field (or equivalent work experience)

8+ years of experience in IAM Engineering