Identity and Access Mgmt. Sr. Engineer

Top Talent

  • Charlotte, NC
  • $160,000-200,000 per year
  • Permanent
  • Full-time
  • 13 days ago
IAM Senior EngineerCompany: Fortune 500 Financial Services CompanyCharlotte, NC or Des Moines, IAType: Full TimeOverviewThe IAM Senior Engineer will lead the design, deployment, and ongoing support of IAM solutions across multi-cloud environments (AWS, Azure, GCP), ensuring secure, compliant, and seamless access for users, applications, and services. The IAM Lead Engineer will serve as a subject matter expert, driving adoption of modern identity standards and automation to support a Zero Trust security model.Key Responsibilities
  • Lead architecture, engineering, and implementation of cloud IAM solutions across AWS, Azure, and GCP.
  • Manage and optimize identity platforms such as Azure Active Directory, Okta, Ping Identity, or equivalent cloud identity providers.
  • Define and enforce IAM policies for authentication, authorization, and federation in cloud-native and hybrid environments.
  • Automate identity lifecycle processes, including provisioning, de-provisioning, and role/attribute-based access controls.
  • Implement and manage privileged access management (PAM) for cloud infrastructure and DevOps pipelines.
  • Integrate SaaS and IaaS applications with enterprise IAM platforms using SAML, OAuth 2.0, OIDC, and SCIM.
  • Partner with security, DevOps, and application teams to embed IAM best practices into CI/CD and cloud operations.
  • Support audits and compliance initiatives (e.g., SOC 2, SOX, PCI-DSS, HIPAA, FedRAMP) with IAM evidence and controls.
  • Monitor, troubleshoot, and remediate IAM issues across cloud environments to ensure availability and scalability.
  • Research and implement emerging cloud IAM technologies aligned to Zero Trust and least privilege principles.
Qualifications
  • Bachelor’s degree in Computer Science, Cybersecurity, or related field (or equivalent experience).
  • 7+ years of experience in Identity and Access Management, with at least 3+ years in cloud IAM.
  • Hands-on experience with cloud identity services (Azure AD, AWS IAM, AWS SSO, GCP IAM).
  • Strong knowledge of authentication/federation standards: SAML, OAuth 2.0, OIDC, SCIM, LDAP, Kerberos.
  • Proficiency with scripting/automation (PowerShell, Python, Terraform, or equivalent).
  • Experience implementing RBAC, ABAC, and least privilege across cloud workloads.
  • Familiarity with Zero Trust principles, conditional access, and MFA/Passwordless authentication.
  • Strong understanding of regulatory compliance frameworks as they apply to cloud security.
  • Excellent communication skills with the ability to lead cross-functional teams.
Preferred Skills
  • Certifications such as Azure Security Engineer, AWS Certified Security – Specialty, or Okta Certified Professional.
  • Experience with Infrastructure as Code (Terraform, CloudFormation) for IAM policy and role management.
  • Prior experience integrating IAM with DevSecOps and CI/CD pipelines.
  • Knowledge of identity threat detection and response (ITDR) solutions.
Compensation and Benefits
  • Base Salary: $160,000 – $200,000 annually, based on experience and qualifications.
  • Bonus: Eligible for an annual discretionary performance bonus.
  • Benefits Package Includes:
  • Comprehensive medical, dental, and vision insurance
  • 401(k) retirement plan with company match
  • Paid time off (vacation, sick leave, holidays)
  • Flexible work arrangements (remote/hybrid options, depending on business needs)
  • Professional development opportunities, training, and certifications
  • Employee wellness programs and additional voluntary benefits

Top Talent