Sr. IAM Engineer | Remote, USA

This position can be hired remotely anywhere within the U.S.

The IAM (Identity and Access Management) Engineer is responsible for leading, implementing, and administering IAM and RBAC (Role-Based Access Control) platforms across the organization. This role ensures compliance with regulatory standards, optimizes security configurations, and maintains seamless operation of IAM systems in a hybrid cloud and on-premises environment.

How you'll make an impact

• Lead the implementation and administration of IAM and RBAC platforms.

• Drive major initiatives for IAM and RBAC automation and development across the organization.

• Ensure adherence to ISO and NIST standards and organizational security policies for all IAM solutions.

• Respond to break/fix requests and monitor IAM environments.

• Handle Level 2 tickets for bugs, outages, and feature requests.

• Support the IT team in change management processes for development, QA, and production environments.

• Maintain IAM policies, standards, and procedures.

• Ensure compliance with regulatory and internal requirements.

• Provide compliance-related reports as needed.

• Maintain applications and systems related to IAM and RBAC.

• Support ServiceNow tickets for access requests to systems and applications.

• Ensure 99.99% system availability on a 24/7/365 basis for cloud and on-premises systems.

• Direct daily IAM operations, including access provisioning, deprovisioning, and regular audits to ensure compliance and efficiency.

• Build and maintain IAM policies for physical devices, API keys, cloud identities, and multi-factor authentication (MFA).

• Report on IAM metrics and performance to senior management.

• Highlight and identify areas for improvement in IAM initiatives.

• User Authentication Enhancements:

• Continuously improve methods for MFA, single sign-on (SSO), and related authentication processes to enhance security and user experience.

What we're looking for

• Bachelor’s degree in computer science, IT, or a related field, or equivalent work experience.

• Minimum of 9 years of experience in IAM and RBAC support under ISO 27001 & NIST 800-53 policies and procedures.

• Extensive experience in implementing modern IAM practices, from physical devices to cloud platforms.

• Hands on experience with CyberArk Identity, including SSO for cloud, SaaS and legacy applications; adaptive MFA; automated user lifecycle management; identity governance and access certifications; endpoint privilege management across Windows, macOS, and Linux; and secure workforce password management.

• Active Directory (AD Directory Services, ADFS, Forest Trust, AD Rights Management).

• Entra ID (AAD Connect, Conditional Access Policy, Entitlement Management).

• Third-party PAM solutions.

• SailPoint, SecureAuth IDP

• In-depth knowledge of IAM frameworks and best practices.

• Manage and maintain digital certificate lifecycle using Venafi Trust Protection platform

• Authentication protocols such as SAML and LDAP.

• Authorization concepts and hybrid domain environments.

• Familiarity with NIST guidelines for access administration, enforcement, and governance.

• Experience managing both public cloud and on-premises IAM solutions.

• Strong analytical and troubleshooting skills.

• Ability to work collaboratively across teams and with senior leadership.

• Excellent verbal and written communication skills.

What you can expect from Optiv

• A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
• Work/life balance
• Professional training resources
• Creative problem-solving and the ability to tackle unique, complex projects
• Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.
• The ability and technology necessary to productively work remotely/from home (where applicable)

EEO Statement

Optiv is an equal opportunity employer. All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity or expression, sexual orientation, pregnancy, age 40 and over, marital status, genetic information, national origin, status as an individual with a disability, military or veteran status, or any other basis protected by federal, state, or local law.

Optiv respects your privacy. By providing your information through this page or applying for a job at Optiv, you acknowledge that Optiv will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv’s selection and recruitment activities.  For additional details on how Optiv uses and protects your personal information in the application process, click here to view our Applicant Privacy Notice. If you sign up to receive notifications of job postings, you may unsubscribe at any time.