IAM Engineer
Indexed description
We are looking for a well-rounded and hands-on IAM Engineer with experience in Saviynt IGA development and a solid foundation in Identity and Access Management principles including Authentication and Privileged Access Management. This role will be instrumental in supporting and evolving our global IAM platforms, driving identity governance, secure access, and regulatory compliance.
About The Role
- Serve as the primary technical owner for enterprise Identity and Access Management (IAM) capabilities.
- Design, implement, and maintain Microsoft identity services including:
- Microsoft Entra ID (Azure AD)
- Multi-Factor Authentication (MFA)
- Single Sign-On (SSO)
- Conditional Access
- OATH and passwordless authentication technologies
- Privileged Identity Management (PIM)
- Just-In-Time (JIT) access controls
- Microsoft Defender for Identity
- Lead engineering and operational activities for Privileged Access Management (PAM) platforms.
- Drive Identity Governance and Administration (IGA) initiatives including access certifications, birthright provisioning, role management, segregation of duties, and lifecycle management.
- Develop automation solutions to improve identity operations, security controls, and governance processes.
- Integrate identity platforms with enterprise applications, cloud services, and security tooling.
- Partner closely with Security Operations, Infrastructure, Cloud Engineering, HR, Internal Audit, and Application teams.
- Define technical standards, architecture patterns, and roadmaps for identity security services.
- Lead troubleshooting and resolution of complex identity-related incidents and escalations.
- Microsoft Entra ID
- MFA and passwordless authentication
- SSO federation technologies (SAML, OIDC, OAuth)
- Conditional Access
- OATH authentication methods
- Privileged Identity Management (PIM)
- Just-In-Time (JIT) administration
- Microsoft Defender for Identity
- Microsoft Graph API
- Delinea (preferred)
- CyberArk
- BeyondTrust
- Similar enterprise PAM solutions
- Saviynt
- SailPoint
- Microsoft Identity Governance
- Similar enterprise IGA platforms
- Python
- PowerShell
- KQL (Kusto Query Language)
- Microsoft Graph
- REST APIs
- xperience securing hybrid Active Directory and cloud environments.
- Experience supporting large global enterprises.
- Familiarity with Zero Trust security principles.
- Experience designing identity architectures at enterprise scale.
- Knowledge of compliance frameworks and audit requirements.
- Security certifications such as:
- SC-300
- AZ-500
- CISSP
- Identity-focused Microsoft certifications
To ensure that our products and culture continue to incorporate everyone's perspectives and experience, we never discriminate based on race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status.
LOCATIONMexico, D.F., MexicoFULL TIME/PART TIME
Full time
Current LS&Co Employees, apply via your Workday account.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search