Job D5973 Description

Click to apply: Please attach resume to mail
SOFT's client located in New York, NY (Hybrid) is looking for an Identity Access Management Engineer for a long-term contract assignment.

We’re looking for a hands-on Access Management Engineer with leadership potential to support and evolve enterprise identity services. This is a backfill role with a strong focus on day-to-day IAM operations, service optimization, and contributing to long-term strategy. Ideal for someone with solid IAM fundamentals who’s ready to step up and help guide a high-impact team. You’ll work closely with directory services, application teams, and information security to ensure proper provisioning, entitlements, and policy enforcement across a large-scale hybrid infrastructure.

Responsibilities

- Access Administration Oversight: Manage identity provisioning/deprovisioning workflows, access requests, and escalations for employees, contractors, and vendors.
- Directory and Group Management: Support governance and lifecycle of AD / Azure / Entra ID security groups and distribution lists, including group ownership, naming conventions, and expiration policies.
- Joiner-Mover-Leaver (JML) Workflow Execution: Monitor and refine onboarding/offboarding processes via SailPoint or similar IAM platforms.
- Policy & Controls Alignment: Assist in implementing least-privilege access, SoD checks, and audit remediation efforts for regulated applications.
- Team Leadership & Guidance: Act as a lead or escalation point for junior team members. Help manage queue priorities, ensure SLA compliance, and drive operational consistency.
- IAM Documentation & SOPs: Maintain up-to-date documentation of access policies, procedures, and exception handling workflows.
- Application Access Support: Liaise with app owners and business units to define and implement role-based access models.
Qualifications

- 4–7 years of experience in identity and access management, preferably in enterprise or public sector environments
- Familiarity with tools like SailPoint IIQ, Azure Entra ID, Active Directory, ServiceNow, and MFA (Duo, Microsoft, etc.)
- Strong understanding of access lifecycle, group management, and least-privilege models
- Basic scripting or workflow logic knowledge (e.g., PowerShell or automation platforms) is a plus
- Ability to communicate clearly with both technical and non-technical stakeholders
- Demonstrated reliability and ownership in operational support environments
- Experience with privileged access, RBAC design, or CIAM platforms
- Audit or compliance exposure (e.g., NIST, SOX, NYS Cyber Regs)