IAM Consultant

CIAM/IAM Engineer
Contract to Hire (W2 ONLY, NO C-C)
McKinney, TX (Hybrid)

Summary
We are seeking a senior Cybersecurity Staff Engineer IAM / CIAM Consultant with strong hands-on experience in Customer Identity and Access Management, SailPoint Identity Security Cloud, Active Directory, and Microsoft Entra ID.
The ideal candidate will support enterprise identity initiatives across workforce IAM and customer identity use cases. This role requires strong technical depth in identity governance, identity lifecycle, application integrations, access controls, authentication, authorization, and identity data flows.


Primary Skill Set
Candidates must have strong hands-on experience with:

• CIAM / Customer Identity and Access Management
• SailPoint Identity Security Cloud / SailPoint ISC
• Active Directory
• Microsoft Entra ID / Azure AD
• Identity lifecycle management
• Application onboarding and identity integrations
• SSO, MFA, federation, and access governance

Key Responsibilities

• Lead and support Customer Identity and Access Management initiatives across customer-facing and external-user applications.
• Design, configure, and support CIAM registration, login, MFA, passwordless authentication, account recovery, and profile management flows.
• Support CIAM integrations for web, mobile, SaaS, partner, and internal applications.
• Work with SailPoint Identity Security Cloud / ISC for identity governance, access modeling, RBAC, application onboarding, certifications, and lifecycle processes.
• Work with Active Directory and Microsoft Entra ID for identity, group, role, and access management.
• Analyze identity data, entitlements, roles, groups, and access models.
• Support SSO, MFA, federation, and authentication-related integrations.
• Partner with application, security, infrastructure, audit, and business teams.

• Create technical documentation, process flows, architecture diagrams, runbooks, and control evidence.
• Oversee multiple IAM projects concurrently, ensuring timely, secure, and scalable delivery.
• Provide technical mentorship to junior engineers and develop documentation to support operational continuity and audit readiness.
• Contribute to the strategic roadmap for IAM, identifying opportunities for innovation, risk reduction, and operational efficiency.
• Provide weekly status updates, risks, issues, and recommendations to leadership.

Required Skills

• 8+ years of experience in Identity and Access Management engineering, cybersecurity, or a related field.
• Strong hands-on experience with Customer Identity and Access Management (CIAM) platforms and customer-facing identity use cases.
• Strong hands-on experience with SailPoint Identity Security Cloud / ISC, including sources, connectors, identity profiles, access profiles, roles, entitlements, certifications, workflows, provisioning, and lifecycle states.
• Strong experience with Active Directory, including users, groups, OUs, permissions, service accounts, and group-based access.
• Strong experience with Microsoft Entra ID / Azure AD, including enterprise applications, app registrations, conditional access, MFA, groups, external identities, and identity governance.
• Experience designing, implementing, or supporting customer registration, login, MFA, account recovery, profile management, and lifecycle flows.
• Experience with B2B, B2C, partner, vendor, and external-user identity models.
• Experience with SSO, federation, and provisioning technologies, including SAML, OAuth 2.0, OIDC, LDAP, and SCIM.
• Experience with CIAM security controls, including adaptive authentication, risk-based authentication, step-up authentication, session management, bot protection, and account takeover prevention.
• Experience with identity attributes, claims, tokens, scopes, roles, entitlements, access policies, and attribute mapping.
• Experience with customer identity data synchronization and downstream application integrations.
• Experience with identity governance, access reviews, certifications, RBAC, and entitlement management.
• Ability to troubleshoot CIAM and IAM issues across authentication, authorization, federation, provisioning, synchronization, MFA, sessions, and application access.
• Ability to work with application owners, security teams, infrastructure teams, audit teams, privacy teams, and business stakeholders.
• Excellent communication, analytical, and organizational skills.
• Comfortable working independently or within a team in a hybrid work environment.

Estimated Min Rate: $65.00
Estimated Max Rate: $85.00


What s In It for You?
We welcome you to be a part of the largest and legendary global staffing companies to meet your career aspirations. Yoh s network of client companies has been employing professionals like you for over 65 years in the U.S., UK and Canada. Join Yoh s extensive talent community that will provide you with access to Yoh s vast network of opportunities and gain access to this exclusive opportunity available to you. Benefit eligibility is in accordance with applicable laws and client requirements. Benefits include:

• Medical, Prescription, Dental & Vision Benefits (for employees working 20+ hours per week)
• Health Savings Account (HSA) (for employees working 20+ hours per week)
• Life & Disability Insurance (for employees working 20+ hours per week)
• MetLife Voluntary Benefits
• Employee Assistance Program (EAP)
• 401K Retirement Savings Plan
• Direct Deposit & weekly epayroll
• Referral Bonus Programs
• Certification and training opportunities

Note: Any pay ranges displayed are estimations. Actual pay is determined by an applicant's experience, technical expertise, and other qualifications as listed in the job description. All qualified applicants are welcome to apply.

Yoh, a Day & Zimmermann company, is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Visit https://www.yoh.com/applicants-with-disabilities to contact us if you are an individual with a disability and require accommodation in the application process.

For California applicants, qualified applicants with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. All of the material job duties described in this posting are job duties for which a criminal history may have a direct, adverse, and negative relationship potentially resulting in the withdrawal of a conditional offer of employment.

It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

By applying and submitting your resume, you authorize Yoh to review and reformat your resume to meet Yoh s hiring clients preferences. To learn more about Yoh s privacy practices, please see our Candidate Privacy Notice: https://www.yoh.com/privacy-notice