Sr. IAM Engineer

• Lead the implementation and administration of IAM and RBAC platforms.

• Drive major initiatives for IAM and RBAC automation and development across the organization.

• Ensure adherence to ISO and NIST standards and organizational security policies for all IAM solutions.

• Respond to break/fix requests and monitor IAM environments.

• Handle Level 2 tickets for bugs, outages, and feature requests.

• Support the IT team in change management processes for development, QA, and production environments.

• Maintain IAM policies, standards, and procedures.

• Ensure compliance with regulatory and internal requirements.

• Provide compliance-related reports as needed.

• Maintain applications and systems related to IAM and RBAC.

• Support ServiceNow tickets for access requests to systems and applications.

• Ensure 99.99% system availability on a 24/7/365 basis for cloud and on-premises systems.

• Direct daily IAM operations, including access provisioning, deprovisioning, and regular audits to ensure compliance and efficiency.

• Build and maintain IAM policies for physical devices, API keys, cloud identities, and multi-factor authentication (MFA).

• Report on IAM metrics and performance to senior management.

• Highlight and identify areas for improvement in IAM initiatives.

• User Authentication Enhancements:

• Continuously improve methods for MFA, single sign-on (SSO), and related authentication processes to enhance security and user experience.

• Bachelor’s degree in computer science, IT, or a related field, or equivalent work experience.

• Minimum of 9 years of experience in IAM and RBAC support under ISO 27001 & NIST 800-53 policies and procedures.

• Extensive experience in implementing modern IAM practices, from physical devices to cloud platforms.

• Hands on experience with CyberArk Identity, including SSO for cloud, SaaS and legacy applications; adaptive MFA; automated user lifecycle management; identity governance and access certifications; endpoint privilege management across Windows, macOS, and Linux; and secure workforce password management.

• Active Directory (AD Directory Services, ADFS, Forest Trust, AD Rights Management).

• Entra ID (AAD Connect, Conditional Access Policy, Entitlement Management).

• Third-party PAM solutions.

• SailPoint, SecureAuth IDP

• In-depth knowledge of IAM frameworks and best practices.

• Manage and maintain digital certificate lifecycle using Venafi Trust Protection platform

• Authentication protocols such as SAML and LDAP.

• Authorization concepts and hybrid domain environments.

• Familiarity with NIST guidelines for access administration, enforcement, and governance.

• Experience managing both public cloud and on-premises IAM solutions.

• Strong analytical and troubleshooting skills.

• Ability to work collaboratively across teams and with senior leadership.

• Excellent verbal and written communication skills.

What you can expect from Optiv

• A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
• Work/life balance
• Professional training resources
• Creative problem-solving and the ability to tackle unique, complex projects
• Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.
• The ability and technology necessary to productively work remotely/from home (where applicable)