IAM Architect (Long-Term Contracting)

Address: Across the street from Grand Central

Days in office: 3 days in office Comp: $ 130 / hr ( Corp to Corp or 1099 only )

Firm: Alternative Investment Firm

__________________________________________________________________________________________________________________

Position Summary

We are seeking a highly skilled and motivated IAM Engineer to join our cybersecurity team. This role is responsible for designing, implementing, and maintaining enterprise-wide identity and access management solutions, with a focus on Identity Governance and Administration (IGA), Access Management, and Privileged Identity Management (PIM). The ideal candidate will have a strong technical background, a deep understanding of IAM frameworks, and experience with modern IAM platforms.

Key Responsibilities

Identity Governance & Administration (IGA)

Design and implement IGA solutions to manage the identity lifecycle (provisioning, de-provisioning, certification, and access reviews).

Integrate IGA tools with HR systems, directories, and business applications.

Develop and enforce role-based access control (RBAC) and attribute-based access control (ABAC) models.

Automate identity workflows and approval processes.

Conduct periodic access reviews and audits to ensure compliance with internal policies and regulatory requirements.

Access Management

Implement and manage Single Sign-On (SSO), Multi-Factor Authentication (MFA), and federation services.

Integrate access management solutions with cloud and on-premise applications.

Define and enforce access policies and authentication mechanisms.

Monitor and respond to access anomalies and threats.

Privileged Identity Management (PIM)

Deploy and manage PIM solutions to secure, monitor, and control privileged accounts.

Implement least privilege access and just-in-time (JIT) access models.

Monitor privileged session activity and generate audit logs.

Conduct periodic reviews of privileged access and enforce segregation of duties (SoD).

Required Qualifications

Bachelor’s degree in Computer Science, Information Security, or a related field.

3–5+ years of experience in IAM engineering or a related cybersecurity role.

Hands-on experience with IAM platforms such as SailPoint, Saviynt, Okta, CyberArk, Azure AD, or similar.

Strong understanding of identity lifecycle, RBAC/ABAC, SAML, OAuth, OpenID Connect, LDAP, and Active Directory.

Strong hands on and demonstrable experience with scripting and automation with PowerShell – Azure and core.

Experience with other scripting and automation with Python and other common scripting languages.

Familiarity with compliance standards such as SOX, HIPAA, GDPR, or ISO 27001.

Preferred Qualifications

IAM certifications (e.g. Microsoft Identity and Access Administrator).

Experience with cloud IAM (AWS IAM, Azure AD, GCP IAM).

Knowledge of DevSecOps and integration of IAM into CI/CD pipelines.

Soft Skills

Strong analytical and problem-solving skills.

Excellent communication and documentation abilities.

Ability to work independently and collaboratively in a fast-paced environment.