Architect, implement, and maintain automated identity and access management solutions across on-premises and cloud environments, with a focus on enterprise-scale Active Directory and SailPoint integrations
Develop and optimize automation scripts, workflows, and connectors (using PowerShell, BeanShell, Python, etc.) to streamline user provisioning/deprovisioning, group management, access reviews, and certifications
Lead integration projects between SailPoint (IdentityNow/IdentityIQ), Active Directory (including Azure AD), and cloud security solutions (e.g., Zscaler, Okta, AWS IAM, Azure Security, etc.)
Design, deploy, and manage automated access controls and role-based access control (RBAC) policies, ensuring compliance with security and privacy regulations (SOX, GDPR, HIPAA, etc.)
Serve as a subject matter expert for Active Directory, including schema management, Group Policy Objects (GPOs), privileged access, domain trust relationships, and hybrid identity synchronization
Automate and orchestrate processes across cloud security tools to facilitate user onboarding/offboarding, privilege management, and audit trail generation
Troubleshoot complex identity and access management issues and directory synchronization problems, and perform root cause analysis of incidents involving identity or access failures
Collaborate with other IT, cloud, and security teams to promote automation best practices and cross-platform security initiatives
Maintain comprehensive documentation for architectures, workflows, procedures, and configuration changes within the identity and access management ecosystem
Lead audit support activities, evidence collection, and remediation related to identity and access management using automated tools and reports
Requirements
Bachelor’s or Master’s degree in Computer Science, Information Security, or a related technical field
Minimum of 7 years of progressively responsible experience in enterprise identity and access management development, with significant automation responsibilities
Expert knowledge of Active Directory (user and group management, GPOs, delegation, AD security, hybrid/cloud synchronization)
Advanced hands-on experience with SailPoint (IdentityNow or IdentityIQ), especially in automating identity lifecycle workflows, developing custom connectors, and enforcing policies
Proven ability to automate identity and access management and security administration using scripting (PowerShell, Python, BeanShell, or similar)
Demonstrated experience automating tasks within major cloud security platforms (e.g., AWS IAM, Azure AD, Zscaler, Okta, Google Workspace, etc.)
Strong understanding of identity protocols (LDAP, SAML, OIDC, OAuth 2.0, SCIM) and integration patterns for cloud and on-prem systems
Solid knowledge of role-based access control, least-privilege approaches, and regulatory/compliance considerations in enterprise IAM practice
Excellent analytical, troubleshooting, and communication skills, with proven experience working in multidisciplinary technical teams
Experience with infrastructure as code, CI/CD pipelines, or SOAR platforms is a plus
SailPoint Engineer certification (IdentityNow or IdentityIQ) and Microsoft certification: Identity and Access Administrator or equivalent are a plus
Experience in identity governance, privileged access management (PAM), and multi-cloud IAM strategies is a plus
Tech Stack
AWS
Azure
Cloud
Flux
Python
Benefits
Comprehensive health benefits, life and disability insurance, and fertility and family-building support programs
Generous paid time off, holidays, volunteer leave, quarterly personal care days, and no-meeting days
Tuition reimbursement and book reimbursement programs to support continuous learning and professional development
Thrive Global wellness program, confidential Employee Assistance Program (EAP), and individual wellness coaching
Employee programs — including employee resource groups (ERGs), GoTo Gives, and our charitable matching program — to amplify your connection and impact
Registered Retirement Savings Plan (RRSP) to help you plan for your future
Gym reimbursement programs to encourage physical well-being
Access to telemedicine services for convenient medical support
GoTo performance bonus program to celebrate your impact and contributions
Monthly remote work allowance to support your home office expenses