Job brief: An Identity & Access Management Engineer designs, implements and maintains IAM solutions to protect organisational assets. The role focuses on authentication, authorisation, provisioning and compliance. You will work closely with security, IT operations and application teams to enforce access policies and reduce risk.
This job description outlines the core responsibilities, technical skills and qualifications required to recruit an experienced Identity & Access Management Engineer who can deliver robust, scalable and compliant identity services.
Identity & Access Management Engineer Job Profile
The Identity & Access Management Engineer is responsible for deploying and supporting IAM platforms including single sign on, multi factor authentication and directory services. The post holder will manage access provisioning, role based access control and privileged access solutions.
They will ensure integrations with cloud and on premises systems, produce operational runbooks and work with audit teams to maintain compliance with regulatory standards.
Identity & Access Management Engineer Job Description
The Identity & Access Management Engineer will design, build and maintain identity services that secure user access across the organisation. This involves configuring authentication protocols such as SAML, OAuth2 and OpenID Connect, administering identity stores and integrating identity providers with business applications. The role requires proactive monitoring, incident response for access issues and continuous improvement of processes to reduce risk.
The engineer will lead identity lifecycle activities including joiner mover leaver automation, entitlement reviews and access certification. They will collaborate with developers to provide secure APIs and automated provisioning, and with operational teams to implement resilient, highly available IAM architectures.
Reporting to the security or identity manager, the engineer will produce technical documentation, support audit requests and provide subject matter expertise for identity related projects. A strong focus on automation, scripting and infrastructure as code is expected to reduce manual tasks and improve repeatability.
Identity & Access Management Engineer Duties and Responsibilities
- Implement and maintain IAM platforms such as Azure AD, Okta or ForgeRock.
- Configure single sign on, multi factor authentication and federated identity solutions.
- Manage provisioning and deprovisioning workflows and automate lifecycle processes.
- Design and operate role based access control and attribute based access control policies.
- Integrate identity providers with cloud and on premises applications using SAML, OAuth2 and OpenID Connect.
- Administer privileged access management tools and enforce least privilege for admin accounts.
- Monitor IAM systems, respond to incidents and perform root cause analysis for access failures.
- Conduct access reviews, entitlement certifications and support internal and external audits.
- Develop scripts and automation using PowerShell, Python or similar to streamline IAM tasks.
- Create and maintain technical documentation, runbooks and standard operating procedures.
- Work with identity governance to implement policies for segregation of duties and compliance.
- Provide consultancy and training to application owners and support teams on identity best practice.
Identity & Access Management Engineer Requirements and Qualifications
- Bachelor degree in Computer Science, Cyber Security or equivalent experience.
- Proven experience in an IAM role with hands on implementation of SSO, MFA and directory services.
- Strong understanding of authentication protocols SAML, OAuth2, OpenID Connect and LDAP.
- Experience with IAM platforms such as Azure AD, Okta, Ping Identity, ForgeRock or SailPoint.
- Familiarity with privileged access management solutions and RBAC policy design.
- Practical scripting skills in PowerShell, Python or Bash for automation tasks.
- Knowledge of cloud identity concepts and integrating identities across hybrid environments.
- Experience of identity governance, access reviews and regulatory compliance activities.
- Excellent communication skills with the ability to explain technical concepts to non technical stakeholders.
- Relevant certifications desirable such as Microsoft Certified, CISSP, CISM or vendor specific IAM certifications.
- Strong problem solving skills and an analytical approach to incident investigation and remediation.
