CrawlJobs Logo

Senior Engineer – Identity Governance & Administration

beacontechinc.com Logo

Beacon Technologies

Location Icon

Location:
United States , Appleton

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

Beacon Technologies is seeking a Senior Engineer – Identity Governance & Administration (IGA) for our client partner. As a Senior Engineer, you will serve as a technical expert in Identity Governance & Administration (IGA), responsible for designing and integrating solutions across the enterprise using Saviynt as the primary platform. You will determine specifications; plan, design, and develop software, integrations, and data pipelines that enable accurate role/entitlement models, automated governance workflows, and measurable compliance outcomes. Working independently and collaboratively within a product team, you’ll deliver scalable, resilient capabilities while mentoring engineers and defining patterns that raise the bar for system excellence. The role can be remote, but will need to be onsite in Appleton, WI 2-3 times/year.

Job Responsibility:

  • Lead engineering of RBAC/ABAC models in Saviynt, including naming conventions, hierarchical role taxonomies, inheritance, and lifecycle controls
  • Translate Segregation of Duties requirements into enforceable Saviynt policies, risk models, and control rules
  • design analytics and alerting to detect violations
  • Define source-of-truth and reconciliation strategies
  • model identity attributes and entitlement relationships to support clean access patterns
  • Architect and document integrations with HRIS (e.g., Workday), directories (AD/AAD), and key SaaS applications using APIs and standardized connectors
  • Build and maintain ETL/ELT pipelines for identity data
  • implement data quality checks and schema evolution strategies
  • Develop scripts (PowerShell/Bash/Python) and Saviynt workflows to automate provisioning, role assignments, certifications, and evidence collection
  • Configure roles, entitlements, policies, approval flows, and campaigns in Saviynt
  • stabilize vendor-led implementations
  • Deliver software and configurations that meet/exceed expectations for stability, scalability, resilience, and maintainability
  • Participate in product planning, backlog refinement, and technical design reviews
  • Establish standards for configuration-as-code, code review practices, and environment promotion
  • Promote CI/CD pipelines for IGA artifacts and implement observability for IGA services
  • Contribute to vendor/tool evaluations and collaborate with vendor engineering
  • Mentor engineers through code reviews, pairing, and targeted training
  • Engage in recruiting and foster a culture of continuous improvement

Requirements:

  • Bachelor’s degree in Computer Science, Information Systems, or equivalent experience
  • 7+ years in engineering environments delivering complex integrations and software solutions
  • 3+ years hands-on with IGA platforms (preferably Saviynt), including role mining, lifecycle governance, SoD policy design, and campaign configuration
  • Strong proficiency in SQL and scripting (PowerShell/Bash/Python)
  • Experience integrating HRIS (e.g., Workday) and directories (AD/AAD)

Nice to have:

  • Deep hands-on with Saviynt EIC and stabilizing complex vendor configurations
  • Experience in regulated industries (e.g., financial services) and familiarity with SOX/GLBA/PCI
  • Exposure to data engineering platforms and observability stacks
  • Security or audit certifications (CISSP, CISA, CRISC) or willingness to obtain within 24 months
What we offer:
  • Career advancement opportunities
  • Extensive training
  • Excellent benefits including paying for health and dental premiums for salaried employees

Additional Information:

Job Posted:
January 07, 2026

Employment Type:
Fulltime
Work Type:
Remote work
Icon
Beacon Technologies - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Senior Engineer – Identity Governance & Administration

IAM Senior Engineer - Active Directory/Entra ID

HPE Global IT is seeking a highly skilled Senior Active Directory (AD), Entra ID...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent experience)
  • 10+ years of IT or cybersecurity experience
  • 7+ years focused on AD, Entra ID, and Azure identity engineering in enterprise-scale environments
  • Deep hands-on experience managing multi-forest AD environments (schema, replication, delegation, GPOs, DNS, DHCP)
  • Strong expertise with Entra ID and hybrid identity integration (Entra Connect / Cloud Sync, federation, SSO)
  • Hands-on experience with Azure governance, RBAC, PIM, and access policy enforcement
  • Experience implementing conditional access, passwordless, and phishing-resistant MFA in Entra and Azure
  • Proficiency in PowerShell scripting, Graph API, and Azure automation for identity management and reporting
  • Solid understanding of authentication protocols (Kerberos, NTLM, LDAP, SAML, OIDC, OAuth2)
  • Familiarity with Zero Trust, tiered admin models, and directory hardening practices
Job Responsibility
Job Responsibility
  • Engineer, deploy, and optimize Active Directory, Entra ID, and Azure identity services across enterprise-scale hybrid environments
  • Design and manage multi-forest AD architectures, including schema extensions, replication, delegation, and hardening
  • Implement and maintain cross-domain and cross-tenant synchronization between AD and Entra ID using Entra Connect or Cloud Sync
  • Engineer secure authentication and federation flows leveraging Kerberos, NTLM, SAML, OIDC, and OAuth2
  • Implement and enhance conditional access, MFA, passwordless, and FIDO2 authentication methods in Entra and Azure environments
  • Support Zero Trust Directory Security through tiered administration, least privilege, and delegated access controls
  • Partner with cloud and infrastructure teams to ensure secure integration of Azure resources with enterprise identity services
  • Maintain and secure domain controllers, DNS, DHCP, and Group Policy Objects (GPOs) across global environments
  • Manage Azure AD tenants, subscriptions, and resource access controls (RBAC, PIM, Entra roles)
  • Integrate on-prem AD with Azure workloads, Microsoft 365, Intune, and other SaaS applications
What we offer
What we offer
  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Comprehensive suite of benefits supporting physical, financial and emotional wellbeing
  • Fulltime
Read More
Arrow Right

Senior Detection Engineer

This is a detection engineering role that leverages knowledge of monitoring, ana...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.marriott.com Logo
Marriott Bonvoy
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Sciences or related field or equivalent experience/certification
  • 3+ years of collective experience in Splunk SIEM (Splunk Enterprise Security) threat detection use case development or UEBA (Exabeam) use case development for insider threat use case development
  • 5+ years of experience in security functions such as SOC, CIRT, security engineering, risk management, vulnerability management or technical infrastructure operations, administration, or systems engineering
  • scripting or programming language, including Python
  • Current information security certification such as Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) preferred
  • offensive and defensive security certifications such as CEH, IGAC Cyber Defense, OSCP or other related certifications preferred
  • Splunk Certification, including Splunk Enterprise Security Certified Admin preferred
  • use case development experience on the Exabeam platform preferred
  • working knowledge of the NIST Cyber Security Framework and ISO/IEC 27001:2022 preferred
  • working knowledge of the MITRE ATT&CK Framework preferred
Job Responsibility
Job Responsibility
  • Lead collaboration sessions within the cyber security tower and other business units to devise security monitoring use cases
  • engage and collaborate with other security engineers and architects as needed to keep pace with the evolution of corporate infrastructure and applications and share that knowledge with peers as appropriate
  • document prospective security monitoring use cases with MITRE ATT&ACK mappings using standard templates and methodologies
  • inform and consult other cyber ops teams of required data onboarding and integrations for use case development
  • develop analytics, correlation searches, dashboards, reports and alerts within the SIEM and UEBA platforms
  • solicit feedback for pre-production security monitoring content through peer review process and user acceptance testing for tuning
  • document developed security monitoring content in a documentation registry using department standard templates and methodologies
  • manage field mapping and transmission of security monitoring alerts to the security incident response platform for SOC analyst consumption as outlined in process documentation
  • provide governance support for the content development function entailing content development standards compliance, change management approvals for SIEM or UEBA content, and lifecycle management of developed security monitoring content
  • service operational requests in queue such as analytics content performance tuning, filtering, search refinement, parsing issues
  • Fulltime
Read More
Arrow Right

Senior System Information Assurance and Security Engineer

Barbaricum is seeking a highly skilled System Information Assurance and Security...
Location
Location
United States , Tampa
Salary
Salary:
Not provided
barbaricum.com Logo
Barbaricum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active DoD TS/SCI Clearance
  • Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or related field (Master’s preferred)
  • 10+ years of experience in enterprise identity and access management architecture
  • Demonstrated expertise with Zero Trust frameworks and DoD ICAM standards
  • Hands-on experience with SAML, OAuth2.0, OpenID Connect, PKI, and certificate management
  • Experience with DoD enterprise solutions such as Radiant Logic, Okta, Ping Identity, SailPoint, ForgeRock, Microsoft Entra ID (Azure AD), or equivalent
  • Deep knowledge of Privileged Access Management and Identity Governance & Administration solutions
  • Strong understanding of DoD cybersecurity compliance frameworks (RMF, NIST SP 800-53, 800-207, 8140/8570)
  • IAM / DoD Certification IAT Level II (e.g., Security+ CE, SSCP, GSEC)
Job Responsibility
Job Responsibility
  • Execute engineering solutions for identity credential and access management for Zero Trust implementation across enterprise systems
  • Design and maintain an enterprise-wide identity and access management strategy aligned with DoD Zero Trust principles, NIST 800-207, and DoD ICAM Reference Design
  • Lead integration of federated identity, single sign-on (SSO), and multi-factor authentication (MFA) across cloud and on-prem environments
  • Develop and maintain policies, standards, and reference architectures to enforce least-privilege and attribute-based access control (ABAC)
  • Conduct the implementation of Privileged Access Management (PAM) and Identity Governance and Administration (IGA) solutions
  • Collaborate with cybersecurity, network, and cloud teams to align ICAM solutions with Zero Trust pillars (identity, device, network, application, and data)
  • Ensure compliance with DoD 8140/8570, RMF, FedRAMP, and other applicable frameworks
  • Lead proof-of-concepts (POCs) and technology evaluations for emerging identity
Read More
Arrow Right

Senior System Security and Information Assurance Engineer

The Senior PAM Engineer will play a critical role within Line of Effort 2, respo...
Location
Location
United States , Tampa
Salary
Salary:
Not provided
barbaricum.com Logo
Barbaricum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active DoD Top Secret clearance with SCI eligibility
  • Master’s degree (MA/MS) in Cybersecurity, Information Technology, Computer Science, Engineering, or related field
  • 10+ years of professional experience in cybersecurity, systems engineering, or information assurance
  • Meets Cyber Engineer – Senior labor category requirements, including independent execution of all functional duties and support to mission-critical program elements
  • DoD 8570 IAT Level II certification or higher (e.g., Security+ CE, CCNA Security)
  • Deep expertise in Privileged Access Management (PAM) architectures and Zero Standing Privilege concepts
  • Hands-on experience implementing Just-In-Time (JIT) access workflows
  • Experience integrating PAM solutions with Active Directory, SIEM platforms (Splunk), and Identity Governance (IGA) tools
  • Experience producing technical documentation to support RMF and ATO processes (LLDs, SSPs, SOPs)
  • Ability to lead or oversee the efforts of less senior staff as required by program needs
Job Responsibility
Job Responsibility
  • Lead the installation, configuration, and technical implementation of an enterprise Privileged Access Management (PAM) solution (Delinea-focused) across multiple network enclaves
  • Discover, inventory, and onboard privileged user, administrator, and service accounts into a secure credential vault
  • Design and enforce policies for Just-In-Time (JIT) access, session monitoring, and session recording to achieve zero standing privileges
  • Develop scripts and API-based integrations between the PAM solution, Splunk SIEM, and Identity Governance (IGA) platforms
  • Support RMF accreditation activities by developing Low-Level Design (LLD) documents, System Security Plans (SSPs), and Standard Operating Procedures (SOPs)
  • Support Authority to Operate (ATO) efforts through security control implementation and technical validation
  • Lead enterprise rollout of PAM policies from pilot groups to full operational enforcement
  • Collaborate with Zero Trust architects, identity teams, and cyber engineers to ensure alignment with enterprise security architecture
Read More
Arrow Right

Senior Cyber Security Engineer II-Identity Governance

The Sr. Cyber Security Engineer II – Identity Governance is a pivotal role respo...
Location
Location
United States , Framingham
Salary
Salary:
139000.00 - 191000.00 USD / Year
staplespromo.com Logo
Staples Promotional Products
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Computer Science, or a related field or equivalent work experience
  • 10 or more years of progressively complex experience in cybersecurity
  • Proven experience with cybersecurity frameworks (e.g., NIST, ISO 27001)
  • Hands-on experience with security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, and content filtering
  • Knowledge of network protocols and data encryption methods
  • Hands-on experience supporting Active Directory in an enterprise environment
  • Practical experience with identity and access management concepts including: user lifecycle provisioning, entitlement management, role-based access control (RBAC)
  • Experience building or supporting application integrations with an IGA platform
  • Experience supporting SSO and authentication integrations
  • Working knowledge of conditional access and modern authentication controls
Job Responsibility
Job Responsibility
  • Engineer, maintain, and secure Active Directory components including domains, OUs, group structures, service accounts, and delegated administration models
  • Support hybrid identity patterns integrating on‑premises Active Directory with cloud identity platforms
  • Partner with infrastructure and cloud teams to ensure directory services are resilient, monitored, and aligned to security best practices
  • Apply Zero Trust security concepts to identity systems, recognizing Active Directory and identity connectors as high‑risk control plane assets
  • Support privileged access separation, administrative role scoping, and least‑privilege enforcement across identity platforms
  • Participate in hardening initiatives to reduce privilege escalation paths and credential exposure within identity services
  • Implement and support SSO and federation integrations using industry‑standard protocols (SAML, OIDC, OAuth)
  • Assist in designing and maintaining conditional access policies based on user risk, role, device posture, and authentication context
  • Troubleshoot authentication and authorization issues across directories, identity providers, and integrated applications
  • Support joiner / mover / leaver lifecycle processes across Active Directory and downstream applications
What we offer
What we offer
  • Competitive base salary + bonus on eligible positions
  • 22 days plus 7 major holidays and 1 floating holiday
  • Company match 401(k) plan
  • Online and retail discounts
  • Physical and mental health wellness programs
  • Daycare, cafeteria, fitness center, and coffee shop at our HQ
  • Inclusive culture with associate-led Business Resource Groups
  • Fulltime
Read More
Arrow Right

Identity Governance and Administration (IGA) Engineer

Barbaricum is seeking an Identity Governance and Administration (IGA) Engineer t...
Location
Location
United States , Tampa
Salary
Salary:
Not provided
barbaricum.com Logo
Barbaricum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active DoD Top Secret clearance with SCI eligibility
  • Bachelor’s or Master’s degree in Cybersecurity, Information Technology, Computer Science, or related field
  • 3–10 years of relevant experience (Journeyman) or 10+ years of experience (Senior)
  • Hands-on experience implementing and administering SailPoint identity governance solutions
  • Strong knowledge of Active Directory, LDAP, and Azure Active Directory structures and management
  • Experience implementing Role-Based Access Control (RBAC), Separation of Duties (SoD), and access certification processes
  • Required: CompTIA Security+ CE (DoD 8570 IAT Level II)
Job Responsibility
Job Responsibility
  • Deploy and administer SailPoint IdentityNow or IdentityIQ across enterprise environments
  • Design and automate identity lifecycle processes including Joiner, Mover, and Leaver (JML) workflows
  • Define and manage identity attribute schemas supporting Attribute-Based Access Control (ABAC) models
  • Implement access certification campaigns and governance processes to maintain compliance with audit requirements
  • Develop and maintain role-based and attribute-based access models within SailPoint
  • Integrate SailPoint with Active Directory, Azure Active Directory (Entra ID), and enterprise applications
  • Support synchronization of identity data across classified and unclassified networks
Read More
Arrow Right

IT Lead

We are looking for a hands-on IT Lead to lead and scale Codeway’s internal IT fu...
Location
Location
Spain , Barcelona
Salary
Salary:
Not provided
codeway.co Logo
Codeway
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Degree in Computer Engineering, Information Systems, Cyber Security, or a related field
  • Strong English communication skills
  • 7–10+ years of experience in Internal IT, Infrastructure, Network & Systems Administration, Security, or related areas
  • Experience leading technical teams and coordinating cross-functional IT initiatives
  • Hands-on experience with internal IT operations, infrastructure, network environments, and workplace technology
  • Solid knowledge of IT security fundamentals, including endpoint and network security, vulnerability management, and patching practices
  • Strong understanding of Identity & Access Management (SSO, MFA, RBAC, access governance, lifecycle management)
  • Experience managing SaaS environments, vendors, software licensing, and IT budgets
  • Experience with endpoint management and MDM platforms, including device lifecycle operations
  • Proven ability to build scalable IT processes, improve operational standards, and support audit/compliance readiness
Job Responsibility
Job Responsibility
  • Lead and mentor the IT team (Senior Cyber Security Engineer, IAM Administrator, Senior Network Engineer), define priorities and execution plans across infrastructure, network operations, IAM, and internal security, and build scalable processes, ownership models, and operational standards
  • Act as the main escalation point for critical IT issues and operational risks while partnering with leadership to align IT initiatives with company priorities
  • Identify capability gaps, lead hiring for future IT and security roles, and manage the IT budget across infrastructure, licensing, and vendor spend
  • Ensure the reliability, performance, and security of Codeway’s internal IT infrastructure and office network environments, including firewalls, VPNs, switches, wireless networks, and segmentation
  • Guide infrastructure lifecycle management, capacity planning, backups, disaster recovery, and change management for internal IT systems
  • Oversee endpoint and workplace technology operations, including device lifecycle management through MDM platforms, asset inventory tracking, and employee onboarding/offboarding support
  • Own and strengthen Codeway’s internal IT security capabilities across endpoint security, identity and access governance, device management, and network security
  • Oversee core platforms such as Okta, MDM, EDR/XDR, SIEM, and NAC while driving least-privilege access models, security baselines, and effective access lifecycle management
  • Identify internal security and access risks, ensure remediation plans are executed, and support incident response related to infrastructure, endpoints, and identity systems
  • Improve IT policies, documentation standards, and operational processes while establishing KPIs, SLAs, and performance metrics for internal IT services
What we offer
What we offer
  • Private health insurance
  • A generous meal card
  • Full visa & relocation support if you’re moving to Barcelona
  • Annual learning & development budget for courses, tools, or events that support your growth
  • Free access to Codeway’s suite of apps across productivity, wellness, and education
  • A top-notch office in the heart of the city
  • Fulltime
Read More
Arrow Right

IAM Security Engineer – Identity Governance & Administration

We are seeking a Senior IAM Security Engineer specializing in Identity Governanc...
Location
Location
United States , Indianapolis
Salary
Salary:
40.00 - 48.00 USD / Hour
solomonpage.com Logo
Solomon Page
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Information Security, Computer Science, or related field (or equivalent experience)
  • Strong hands-on experience with IGA platforms such as SailPoint and/or Saviynt
  • Experience managing user, entitlement, privileged, and non-human identity certifications
  • Solid understanding of IAM concepts including: Least privilege and access governance, Role-Based Access Control (RBAC), Non-human identity management, Joiner / Mover / Leaver (JML) lifecycle
  • Experience supporting access governance audits and compliance activities
  • Strong Excel and documentation skills
  • Strong project coordination or project management experience
Job Responsibility
Job Responsibility
  • IGA Certification Lifecycle Execution
  • Own the end-to-end lifecycle of access certifications, including design, configuration, launch, monitoring, escalation, closure, and documentation
  • Configure and manage certifications within SailPoint and Saviynt
  • Define certification parameters including scope, reviewers, schedules, escalation rules, and completion criteria
  • Monitor certification campaigns daily and manage reviewer follow-ups, escalations, and overdue items
  • Post-Certification Remediation & Follow-Through
  • Manage all post-certification remediation activities
  • Partner with IAM provisioning teams and application owners to ensure remediation activities are properly executed
  • Ensure certifications are closed with complete, audit-ready documentation and evidence
  • Audit Readiness & Governance
What we offer
What we offer
  • medical
  • dental
  • 401(k)
  • direct deposit
  • commuter benefits
  • Fulltime
Read More
Arrow Right