Manager - Identity Access Management (IAM)

Role Overview

The Identity Access Management (IAM) Engineering Manager focuses on designing, implementing, and enhancing IAM solutions across Access Management (AM), Privileged Access Management (PAM), and Identity Governance & Administration (IGA) platforms. This role requires strong technical expertise in IAM technologies, automation skills, and experience integrating identity solutions across enterprise cloud and on-premises environments.

Responsibilities

Access Management (AM)

• Design and implement Single Sign-On (SSO), Multi-Factor Authentication (MFA), and federation solutions using SAML, OAuth 2.0, OIDC, and WS-Fed protocols.
• Integrate enterprise and third-party applications with IAM platforms such as Microsoft Entra ID, Okta, or Ping Identity.
• Configure Conditional Access policies and authentication flows based on security best practices.
• Troubleshoot authentication, federation, and token-related issues.
• Configure custom user journeys and custom policies (Trust Framework) for sign-up, sign-in, password reset, and profile management.
• Design and implement Customer Identity and Access Management (CIAM) solutions using Microsoft Entra ID B2C (Entra External ID) or equivalent CIAM platforms.

Privileged Access Management (PAM)

• Implement and manage privileged access solutions such as CyberArk, BeyondTrust, or Delinea.
• Configure vaulting, session management, privileged account onboarding, and password rotation policies.
• Develop automation for privileged account lifecycle management and access approvals.
• Implement least privilege and Zero Trust principles for administrative access.

Identity Governance & Administration (IGA)

• Deploy and manage IGA platforms such as SailPoint, Saviynt, or Microsoft Entra ID Governance.
• Design and maintain access request workflows, approval processes, and certification campaigns.
• Implement automated Joiner-Mover-Leaver (JML) processes.
• Perform access reviews, entitlement analysis, and SoD (Segregation of Duties) monitoring.

Automation & Integration

• Develop scripts using PowerShell, Python, or REST APIs to automate IAM processes and integrations.
• Integrate IAM solutions with HR systems, ITSM tools, and enterprise applications.
• Build connectors and workflows for automated provisioning/de-provisioning.
• Support CI/CD pipelines for IAM configuration deployment.
• Implement Zero Trust architecture principles and identity-first security models.
• Conduct architecture reviews and recommend improvements aligned with industry best practices.
• Conduct periodic risk assessments related to identity and privileged access.
• Support audit activities and provide documentation for compliance requirements.
• Develop and execute test cases for IAM workflows, integrations, and policy configurations.
• Validate access controls and authentication flows to ensure secure deployment.
• Conduct penetration testing support and remediation for identity-related vulnerabilities.

Leadership & Team Management

• Lead, mentor, and manage a team of IAM engineers and analysts.
• Define team goals, KPIs, and performance objectives aligned with security strategy.
• Conduct performance reviews, coaching sessions, and skill development planning.
• Manage resource allocation, capacity planning, and project prioritization.
• Drive a culture of automation, innovation, and continuous improvement.

Requirements

• Bachelor’s degree in Computer Science, Cybersecurity, or related field (or equivalent experience).
• 12+ years of hands-on experience in IAM (AM, PAM, IGA).
• Strong understanding of authentication protocols (OAuth 2.0, OIDC, SAML, LDAP, Kerberos).
• Experience with directory services (Active Directory, Azure AD/Entra ID).
• Proficiency in scripting and automation (PowerShell, XML, Python).
• Experience integrating enterprise applications with IAM platforms.
• Strong troubleshooting and analytical skills.
• Excellent communication and documentation abilities.

Preferred Qualifications

• Vendor-specific certifications (CyberArk, SailPoint, Entra ID).
• Familiarity with Zero Trust architecture frameworks.
• Experience working in MSSP or large enterprise environments.

Benefits

We offer a competitive benefits and compensation package, including flexibility in your schedule to help balance life’s demands while serving clients. Learn more about our total rewards at https://rsmus.com/careers/india.html.