Sr. IAM Engineer

• Lead the implementation and administration of IAM and RBAC platforms.

• Drive major initiatives for IAM and RBAC automation and development across the organization.

• Ensure adherence to ISO and NIST standards and organizational security policies for all IAM solutions.

• Respond to break/fix requests and monitor IAM environments.

• Handle Level 2 tickets for bugs, outages, and feature requests.

• Support the IT team in change management processes for development, QA, and production environments.

• Maintain IAM policies, standards, and procedures.

• Ensure compliance with regulatory and internal requirements.

• Provide compliance-related reports as needed.

• Maintain applications and systems related to IAM and RBAC.

• Support ServiceNow tickets for access requests to systems and applications.

• Ensure 99.99% system availability on a 24/7/365 basis for cloud and on-premises systems.

• Direct daily IAM operations, including access provisioning, deprovisioning, and regular audits to ensure compliance and efficiency.

• Build and maintain IAM policies for physical devices, API keys, cloud identities, and multi-factor authentication (MFA).

• Report on IAM metrics and performance to senior management.

• Highlight and identify areas for improvement in IAM initiatives.

• User Authentication Enhancements:

• Continuously improve methods for MFA, single sign-on (SSO), and related authentication processes to enhance security and user experience.

• Bachelor’s degree in computer science, IT, or a related field, or equivalent work experience.

• Minimum of 9 years of experience in IAM and RBAC support under ISO 27001 & NIST 800-53 policies and procedures.

• Extensive experience in implementing modern IAM practices, from physical devices to cloud platforms.

• Hands on experience with CyberArk Identity, including SSO for cloud, SaaS and legacy applications; adaptive MFA; automated user lifecycle management; identity governance and access certifications; endpoint privilege management across Windows, macOS, and Linux; and secure workforce password management.

• Active Directory (AD Directory Services, ADFS, Forest Trust, AD Rights Management).

• Entra ID (AAD Connect, Conditional Access Policy, Entitlement Management).

• Third-party PAM solutions.

• SailPoint, SecureAuth IDP

• In-depth knowledge of IAM frameworks and best practices.

• Manage and maintain digital certificate lifecycle using Venafi Trust Protection platform

• Authentication protocols such as SAML and LDAP.

• Authorization concepts and hybrid domain environments.

• Familiarity with NIST guidelines for access administration, enforcement, and governance.

• Experience managing both public cloud and on-premises IAM solutions.

• Strong analytical and troubleshooting skills.

• Ability to work collaboratively across teams and with senior leadership.

• Excellent verbal and written communication skills.

What you can expect from Optiv

• A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
• Work/life balance
• Professional training resources
• Creative problem-solving and the ability to tackle unique, complex projects
• Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.
• The ability and technology necessary to productively work remotely/from home (where applicable)

Optiv is an equal opportunity employer. All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity or expression, sexual orientation, pregnancy, age 40 and over, marital status, genetic information, national origin, status as an individual with a disability, military or veteran status, or any other basis protected by federal, state, or local law.