Overview
Hybrid
Depends on Experience
Accepts corp to corp applications
Contract - W2
Contract - 6 Month(s)
Skills
SAML
OAuth2
OIDC
MFA
RBAC
SCIM
JWT
IAM testing.
Job Details
IAM Quality Engineer - 6 months Contract to Hire
We re seeking an experienced IAM Quality Engineering (QE) Engineer to join our growing QA team on a Contract to Hire basis. This role is critical for designing, implementing, and executing robust test strategies for Identity and Access Management (IAM) systems across web and mobile platforms.
You ll work in a fast-paced, security-conscious, and highly regulated environment, collaborating with IAM architects, security engineers, and application teams to ensure secure authentication, authorization, and provisioning processes.
Key Responsibilities:
Develop and execute test plans for IAM systems: MFA, SSO, RBAC, provisioning, de-provisioning, and audit logging.
Automate tests using tools like Selenium, Postman, ReadyAPI, or custom frameworks for web, mobile, and API-based IAM flows.
Conduct negative, regression, and edge-case testing for login and access controls.
Validate third-party IdP integrations (Okta, Azure AD, Auth0).
Perform security testing for IAM vulnerabilities (e.g., session hijacking, token leakage).
Manage test environments and ensure IAM configurations align with production.
Support performance and load testing using monitoring tools.
Document traceability matrices, test cases, and quality artifacts.
Participate in Agile ceremonies and collaborate across teams.
Qualifications:
9+ years in QA/Test Automation; 2+ years specifically in IAM testing.
Deep knowledge of SAML, OAuth2, OIDC, MFA, RBAC, SCIM, JWT.
Proficient in tools like Selenium, Postman, ReadyAPI, Katalon.
Experience with Okta, Azure AD, Auth0, or custom IdPs.
Security testing exposure: OWASP ZAP, Burp Suite, Snyk, etc.
Scripting: Python, JavaScript, or Java.
Familiarity with CI/CD pipelines: GitHub Actions, Jenkins, CircleCI.
Agile work experience and strong problem-solving skills.
Nice to Have:
IAM compliance testing: SOX, HIPAA, HITRUST.
Experience with ForgeRock, Ping Identity, Keycloak.
Terraform or Infrastructure-as-Code for IAM.
Load testing experience using k6 or JMeter.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.