Senior Identity & Access Management (IAM) Engineer – CyberArk & Microsoft Entra ID

E-Solutions

Canada · Hybrid Full-time Senior 4d ago

About the role

Role Overview

We are seeking a seasoned Identity & Access Management (IAM) Engineer to support and enhance enterprise IAM and PAM capabilities. The role will focus on CyberArk Privileged Access Management, Microsoft Entra ID (Azure AD as IdP), and modern authentication technologies including SSO, OAuth/OIDC, and MFA across cloud and on‑prem environments.

The ideal candidate has hands-on delivery experience in large-scale enterprise or regulated environments (banking, financial services, healthcare, or similar).

Key Responsibilities

Identity Provider & Access Management

  • Design, configure, and support Microsoft Entra ID (Azure AD) as the primary Identity Provider (IdP).
  • Implement and manage Single Sign-On (SSO) for SaaS, cloud, and custom applications.
  • Configure and support authentication protocols:
    • OAuth 2.0
    • OpenID Connect (OIDC)
    • SAML 2.0
  • Implement and maintain Multi-Factor Authentication (MFA) and Conditional Access policies.
  • Support identity lifecycle management, RBAC, and least-privilege access models.

Privileged Access Management (CyberArk)

  • Implement, administer, and support CyberArk PAM solutions, including:
    • Vault
    • CPM (Central Policy Manager)
    • PSM / PSMP
  • Onboard privileged accounts (Windows, Linux/Unix, DB, Application, Cloud).
  • Manage password rotation, access workflows, and session monitoring.
  • Perform CyberArk troubleshooting, upgrades, patching, and health checks.

Security, Compliance & Operations

  • Ensure IAM and PAM controls align with enterprise security standards and regulatory requirements (SOX, SOC2, ISO, etc.).
  • Support internal and external audits related to identity and access.
  • Work with Security, Infrastructure, Cloud, and Application teams on integrations.
  • Provide L2/L3 operational support and incident resolution.
  • Prepare technical documentation, runbooks, and SOPs.

Required Skills & Qualifications

Mandatory Skills

  • 5–8 years of experience in Identity & Access Management.
  • Strong hands-on experience with CyberArk PAM.
  • Strong hands-on experience with Microsoft Entra ID (Azure AD) as an Identity Provider (IdP).
  • Proven experience implementing:
    • SSO
    • OAuth 2.0
    • OpenID Connect (OIDC)
    • SAML 2.0
    • MFA
  • Solid understanding of Active Directory, LDAP, and authentication flows.
  • Experience supporting enterprise-scale IAM solutions in production environments.

Preferred / Nice-to-Have

  • Cloud exposure: GCP (preferred).
  • Scripting experience (PowerShell, Python).
  • IAM/PAM experience in financial services or regulated industries.
  • Relevant certifications:
    • CyberArk Certification (CDE, Sentry)
    • Microsoft Identity & Security certifications

Soft Skills

  • Strong analytical and troubleshooting abilities.
  • Clear communication with technical and non-technical stakeholders.
  • Ability to work independently and within cross-functional teams.
  • Experience working with distributed / global teams.

Education

  • Bachelor’s degree in Computer Science, Engineering, Information Security, or equivalent experience.

Skills

Active Directory, AWS Lambda, Azure AD, CyberArk, GCP, LDAP, Microsoft Entra ID, MFA, OAuth, OIDC, PAM, PowerShell, Python, SAML, SSO
