Principal IAM Engineer (SailPoint)

at Comcast

Role Overview

The IAM Principal Engineer is responsible for driving the development, maintenance, and continuous improvement of the identity and access management program, delivering secure and scalable access solutions for the enterprise. This role involves architecting, building, and operating IAM at scale, anchoring the SailPoint IdentityIQ platform, and leading hands-on engineering while mentoring a small team of specialized developers. As a subject matter expert, you will develop custom solutions for identity management, privileged access management, and broader information security best practices, collaborating across technology domains to uphold enterprise security standards.

Responsibilities

  • Own and advance the SailPoint IdentityIQ platform, including workflows, rules, connectors, provisioning policies, and forms.
  • Architect and develop scalable IAM solutions across identity federation, directory services, and multi-source synchronization.
  • Design and deliver automation and access governance for enterprise needs.
  • Integrate IAM with the broader security stack, including MFA, PAM, AD/LDAP, and cloud identity providers.
  • Mentor a small team of engineers, providing technical and strategic guidance to ensure successful delivery.
  • Lead Proof of Concepts (POCs), capacity planning, and end-to-end testing for new system capabilities and integrations.
  • Manage day-to-day engineering, support, and maintenance activities across all IAM technologies to ensure operational excellence and system reliability.

Requirements

  • 10+ years of experience in IAM engineering.
  • Deep, hands-on expertise in SailPoint IdentityIQ (configuration and code).
  • Strong IAM architecture fundamentals, including authentication, authorization, federation, and identity lifecycle (JML).
  • Solid working knowledge of LDAP, Active Directory, MFA, and Privileged Access Management (PAM).
  • Programming proficiency in Java and BeanShell, plus experience with SQL and RDBMS.
  • Bachelor’s Degree in Computer Science, Computer Engineering, or a related technical field (or equivalent professional experience).

Preferred Qualifications

  • Experience with Radiant Logic (RadiantOne FID / VDS, Global Sync) for virtual directory, Federated Identity Management (FIM), and identity correlation.
  • Familiarity with Okta, Ping, ForgeRock, CyberArk, or Microsoft Entra ID (Azure AD).
  • Cloud identity experience on Azure, AWS, or GCP.
  • Experience with Kubernetes and Helm deployment.
  • Web services development experience using REST APIs and JSON.

Compensation and Benefits

Salary Range: $142,361.11 - $213,541.67 (Base pay is determined by experience and other job-related factors).

Comprehensive benefits include:

  • Medical, prescription, vision, and dental insurance.
  • 401(k) savings plan with dollar-for-dollar matching up to the first 6% of pay.
  • Paid time off, including eight observed company holidays and flex time.
  • Tuition assistance and commuter benefits.
  • Exclusive perks and discounts on products and services.

Required Skills: Okta, Azure AD / Entra ID, CyberArk, SailPoint, ForgeRock, LDAP, Active Directory, LDAP Directories, Privileged Access Management (PAM), Multi-Factor Authentication (MFA)

Benefits: Health insurance, Dental & vision, 401k matching, Flexible PTO, Tuition reimbursement, Commuter benefits

  • Location: Mount Laurel, US
  • Salary: $140K to $220K per year
  • Job Type: Full Time
  • Work Mode: Onsite
  • Experience: Senior Level
  • Posted: Jun 30, 2026