IAM Engineer
United States
Contract
1 hour ago
H1B Sponsor
Key skills
Identity Lifecycle ManagementAccess Control DesignAuthentication & SSOPrivileged Access ManagementIdentity GovernanceCloud Identity ManagementIntegration & AutomationTroubleshootingPythonPowerShellAWSAzureGCPVaultIAMAzure ADEntra IDOAuthSAMLSSOSingle Sign-OnSaaS
About this role
Quantum World Technologies Inc. is seeking an IAM Engineer responsible for designing, implementing, and maintaining robust Identity and Access Management systems. The role focuses on ensuring proper access to resources while maintaining compliance with global security standards.
Responsibilities:
- Automate user onboarding, offboarding, and cross-boarding processes (Joiner-Mover-Leaver) across on-premise and cloud environments
- Implement and manage RBAC (Role-Based Access Control) and ABAC (Attribute-Based Access Control) frameworks
- Configure and troubleshoot Single Sign-On (SSO) and Multi-Factor Authentication (MFA) using protocols like SAML, OAuth 2.0, and OIDC
- Manage high-security credentials and session recordings using tools like CyberArk or HashiCorp Vault
- Conduct regular access certification campaigns to ensure "least privilege" and compliance with regulations (SOX, GDPR, HIPAA)
- Manage identities across Azure AD (Entra ID), AWS IAM, and GCP, including service accounts and non-human identities
- Use Python or PowerShell to build custom connectors for third-party SaaS applications via REST APIs and SCIM
- Act as the Tier 3 escalation point for complex identity synchronization, authentication failures, and directory issues
Requirements:
- 5+ Years of experience in Identity and Access Management (IAM)
- Experience with Identity Lifecycle Management including user onboarding, offboarding, and cross-boarding processes
- Knowledge of Access Control Design, specifically RBAC (Role-Based Access Control) and ABAC (Attribute-Based Access Control) frameworks
- Experience configuring and troubleshooting Single Sign-On (SSO) and Multi-Factor Authentication (MFA) using protocols like SAML, OAuth 2.0, and OIDC
- Experience with Privileged Access Management (PAM) tools like CyberArk or HashiCorp Vault
- Knowledge of Identity Governance (IGA) and conducting access certification campaigns
- Experience managing identities across Azure AD (Entra ID), AWS IAM, and GCP
- Ability to use Python or PowerShell to build custom connectors for third-party SaaS applications via REST APIs and SCIM
- Experience troubleshooting complex identity synchronization, authentication failures, and directory issues