Overview
On Site
$DOE
Full Time
Part Time
Accepts corp to corp applications
Contract - W2
Contract - Independent
Contract - 06+ Month(s)
Skills
Java
SQL
IAM
PowerShell
Azure AD
Beanshell
PIM/PAM
Job Details
Job Title: Lead IAM Engineer
Location: Hybrid Cherry Creek, CO (Onsite interview required)
Duration: 6+ Months Contract
Overview:
We are seeking a Lead IAM Engineer to design and implement a brand-new Identity and Access Management (IAM) setup for a new investment application. This role requires an expert who can build IAM solutions from the ground up using SailPoint, with strong experience in Azure AD, PIM/PAM, and automation scripting. The ideal candidate will bring both deep technical expertise and strong leadership skills to define best practices, guide strategy, and engage with senior leadership including CISO-level visibility.
Key Responsibilities:
- Lead the end-to-end setup and configuration of a new IAM environment using SailPoint.
- Design and implement user account provisioning, access governance, and security role structures.
- Manage Privileged Identity Management (PIM) and Privileged Access Management (PAM) setups and controls.
- Configure and optimize Azure AD components, including conditional access, MFA, nested groups, and advanced group management.
- Develop and maintain automation scripts using PowerShell, SQL, and Java/BeanShell for IAM operations.
- Integrate IAM systems with ServiceNow, APIs, and enterprise data sources for seamless provisioning and de-provisioning.
- Ensure alignment with audit and compliance frameworks such as SOX and ISAE.
- Act as a Subject Matter Expert (SME) to define IAM roadmaps, recommend best practices, and present technical solutions to leadership teams.
Required Skills & Experience:
- 7+ years of hands-on IAM engineering experience, with at least 3 years in a lead or architect role.
- Proven expertise with SailPoint IdentityIQ (design, implementation, and integrations).
- Strong understanding of Azure AD security controls and access management.
- Deep technical experience with PIM/PAM rollout, governance, and privileged account management.
- Advanced PowerShell scripting skills; additional experience with SQL and Java/BeanShell preferred.
- Familiarity with ServiceNow integration, API-based provisioning, and data mapping.
- Solid knowledge of audit/compliance processes and IAM-related regulatory requirements.
- Excellent communication, leadership, and documentation skills.