Contract Sailpoint Engineer with SailPoint Identity Security Cloud - Needham MA OR Remote EST Hours

Yoh, A Day & Zimmermann Company is seeking a SailPoint Engineer for their team. This senior technical role involves the design, implementation, and ongoing management of SailPoint Identity Security Cloud capabilities, while collaborating with various stakeholders to enhance identity governance and lifecycle management processes.

Responsibilities:

• Act as a subject matter expert for SailPoint Identity Security Cloud, owning configuration, design decisions, and technical standards
• Lead the evolution of ISC capabilities including identity lifecycle management, access governance, certifications, monitoring, standards and policy enforcement
• Partner with vendors and internal engineering teams to resolve complex platform and integration issues
• Maintain and extend frameworks to ensure roles remain current, risk-aware, and aligned to least-privilege principles
• Support the roles team in the extension of the RBAC model across Wellington and advise on new and revised platform capabilities that can be applied in the role model and application of least privilege
• Ensure SailPoint ISC is effectively monitoring, detecting, and alerting inappropriate or unauthorized access
• Support and enhance access certification campaigns, policy enforcement, and audit readiness
• Continuously assess and adopt new SailPoint ISC features that add measurable business or security value
• Own platform monitoring capabilities across on network and cloud resources
• Lead the integration of new applications, platforms, and data sources into SailPoint ISC
• Define and maintain standardized integration patterns and onboarding models for application teams
• Develop and promote database and data access governance strategies aligned with least privilege and regulatory expectations
• Extend current Joiner, Mover, and Leaver processes using SailPoint ISC functional capabilities
• Ensure Joiners receive appropriate access on day one, movers are automatically detected and reviewed, and leavers are deprovisioned in a timely and controlled manner
• Work with upstream and downstream system owners to ensure JML dependencies are understood and consistently followed
• Support the assessment and migration of legacy IAM / IAG toolsets into SailPoint ISC where applicable
• Define migration approaches, capability mapping, and stakeholder communication plans
• Partner with ServiceNow teams to ensure request and fulfilment workflows align with SailPoint ISC role and lifecycle models

Requirements:

• 5+ years' experience in Identity & Access Management / Identity Governance
• Strong hands-on experience with SailPoint Identity Security Cloud (ISC) (or SailPoint IIQ with demonstrated cloud transition experience)
• Proven Active Directory knowledge and administration; including Entra ID
• Proven experience delivering RBAC, access certifications, lifecycle automation, and application integrations at scale
• Experience integrating IAM platforms with HR systems, Active Directory, applications, and databases
• Strong understanding of identity lifecycle management, provisioning, and de-provisioning workflows
• Ability to apply all of the above using Java or PowerShell as required
• Excellent communication skills with the ability to translate complex technical concepts for business and security stakeholders
• Experience working in global, matrix-managed teams across multiple time zones
• Experience migrating from legacy IAG tools
• Working knowledge of ServiceNow request and fulfilment workflows
• Database platforms and concepts (e.g. Oracle, SQL)
• API-based integrations and identity context sharing
• Security certifications such as CISSP, CISM, or equivalent