Lead Identity & Access Management Engineer--Harrisburg, PA(Hybrid)

Role: Lead Identity & Access Management Engineer

Location: Harrisburg, PA(Hybrid)

• Consultant must work EST hours.
• Candidates from PA, NJ, NY, DE, and OH will be given preference.

Description of Duties:

• Design and implement Identity and Access Management (IAM) solutions to support seamless authentication for external customers and internal end users using multiple sign-in methods, ensuring a secure and user-friendly experience.
• Enhance IAM integration with enterprise applications, including customization of user journeys, attribute collection, and verification processes to improve customer self-service and identity management. Configure and manage Single Sign-On (SSO), Multifactor Authentication (MFA), and Identity Federation across multiple platforms like Microsoft Dynamics, Power Pages, SAP, Nuance IVR, CoPilot Contact center, Cisco WebEx Contact center.
• Implement Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) policies to enforce least-privilege principles.
• Develop and maintain IAM governance frameworks, including writing policies for ensuring compliance with internal and external regulatory requirements.
• Use tools like Terraform and scripting languages (e.g., PowerShell and Python) to automate IAM processes and user lifecycle management.
• Integrate IAM solutions with cloud platforms, on-premise systems, and third-party applications.
• Manage provisioning, de-provisioning, and access reviews for enterprise users and applications.
• Ensure accurate identity synchronization between D365, SAP, Entra ID, and other systems.
• Utilize Azure Defender, SailPoint, IdentityNow, and other tools to strengthen IAM security posture.
• Monitor IAM systems for unusual activity, ensuring timely detection and remediation of threats.
• Collaborate with cross-functional teams, including IT security, compliance, and business units, to align IAM solutions with organizational goals.
• Provide technical support for IAM-related incidents and escalations.
• Develop and maintain a productive working relationship with technology staff, business owners, project sponsors, vendors, and key clients.
• Lead and participate in project team activities for system work efforts related to enterprise systems.
• Work independently to accomplish the tasks and duties assigned.
• Adhere to and follow all of the client s standards, policies, and procedures.
• Utilize various software and/or technology tools to perform job duties.
• Perform tasks and other duties as related to this position and role and assigned by the client.
  Desired Skillset:

• Bachelor s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• 5 7 years of experience in IAM engineering, with a focus on D365, SailPoint, Entra ID, Azure B2C, and SAP.
• Hands on proficiency in configuring and managing SailPoint, Entra ID, Azure B2C, Azure AD Conditional Access, and SAP IAM modules.
• Strong understanding of IAM protocols such as SAML, OAuth, OpenID Connect, and LDAP.
• Hands-on experience with identity governance tools, role mining, and access certification.
• Experience in shell scripting (PowerShell, Python) for automating IAM workflows.
• Familiarity with integrating IAM systems with hybrid cloud environments.
• Relevant certifications, such as:
• SailPoint Certified Identity Professional
• Microsoft Entra ID Administrator Associate
• Azure Solutions Architect Expert
• SAP Security Certification
• Familiarity with DevSecOps practices and integrating IAM into CI/CD pipelines.