IAM Engineer at Kforce Inc.
Northbrook, IL 60062
About the Job
- Design, implement, and maintain scalable IAM solutions, including identity lifecycle management, access governance, role-based access control (RBAC), privileged access management (PAM) and single sign-on (SSO), with a strong focus on leveraging Saviynt's capabilities
- Manage end-to-end IGA projects, including requirements gathering, solution design, implementation, testing, and deployment; Saviynt experience is highly preferred
- Configure and manage authentication mechanisms, such as multi-factor authentication (MFA), single sign-on (SSO), and adaptive authentication
- Define and enforce authorization policies based on the principle of least privilege
- Collaborate with cross-functional teams to integrate IAM solutions with other security and IT systems
- Work closely with application developers and teams to ensure seamless integration of IAM controls within applications
- Oversee the onboarding of applications onto the IAM platform, ensuring seamless integration with Saviynt and adherence to security policies
- Collaborate with stakeholders across the organization to understand business needs and translate them into technical requirements, with a view to optimizing IAM functionality
- Develop and maintain access control policies, procedures, and standards to ensure compliance with regulatory requirements and industry best practices
- Provide guidance and mentorship to the IAM team, fostering a culture of continuous improvement and innovation
- Conduct regular access reviews and audits to ensure compliance with security policies and regulatory requirements
- Provide documentation and reports for internal and external audits related to IAM controls
Requirements:
- Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related field
- 6+ years of Identity and Access Management, with at least 3 years proven experience as an IAM Engineer or in a similar role
- Proven track record of successful delivery of IGA projects and application onboarding initiatives, with significant experience using Saviynt or similar technology
- Strong understanding of IAM principles, frameworks, and technologies, including SAML, OAuth, OpenID Connect, LDAP, SOAP, REST, SCIM etc.
- Experience with leading IAM platforms such as SailPoint, Okta, Oracle, Microsoft Azure AD, Active Directory, and in-depth knowledge of Saviynt
- Proficient in designing and implementing privileged access management solutions to secure and monitor privileged accounts and activities. Experience with Privileged Access Management solutions such as Delinea (Thycotic/Centrify), Beyond Trust, CyberArk
- Knowledge and understanding of legal and regulatory requirements, such as: Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry/Data Security Standard, GDPR, and PIPL
- Knowledge of information security risk management frameworks and compliance practices, including ISO 27001, SOC2 Type 2, and NIST 800-30
- Relevant certifications such as CISSP, CISM, or vendor-specific IAM certifications, including Saviynt certifications, are highly desirable
- Knowledge of Customer IAM is preferred
The pay range is the lowest to highest compensation we reasonably in good faith believe we would pay at posting for this role. We may ultimately pay more or less than this range. Employee pay is based on factors like relevant education, qualifications, certifications, experience, skills, seniority, location, performance, union contract and business needs. This range may be modified in the future.
We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.
Note: Pay is not considered compensation until it is earned, vested and determinable. The amount and availability of any compensation remains in Kforce's sole discretion unless and until paid and may be modified in its discretion consistent with the law.
This job is not eligible for bonuses, incentives or commissions.
Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
By clicking “Apply Today” you agree to receive calls, AI-generated calls, text messages or emails from Kforce and its affiliates, and service providers. Note that if you choose to communicate with Kforce via text messaging the frequency may vary, and message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You will always have the right to cease communicating via text by using key words such as STOP.
