Identity & Access Management Engineer III

Tustin, California
IDj-13069
Job TypeDirect Hire
Remote TypeOn-Site
Compensation$103000 - $135000 / yr

This role requires candidates who are currently authorized to work in the U.S. without sponsorship, and C2C arrangements are not accepted. This role is onsite near Tustin, CA.

 

Overview

We are seeking an experienced Identity & Access Management Engineer III to support enterprise identity governance, access controls, lifecycle automation, and compliance initiatives. This role will manage Identity Governance & Administration operations, including user provisioning, access certifications, role-based access, entitlement reviews, and SaaS access governance.

Responsibilities

  • Manage identity lifecycle processes, including joiner, mover, and leaver workflows.
  • Administer IGA platforms such as Okta, Microsoft Entra, SailPoint, or similar tools.
  • Support access requests, entitlement reviews, and periodic access certifications.
  • Design and maintain role-based access control and least-privilege access models.
  • Define and remediate Segregation of Duties conflicts.
  • Build and troubleshoot integrations using SCIM, SAML, OAuth/OIDC, LDAP, REST APIs, and related protocols.
  • Automate IAM workflows using PowerShell, Python, or similar scripting tools.
  • Support SaaS access governance, shadow IT reviews, and OAuth grant reviews.
  • Maintain IAM documentation, SOPs, workflow diagrams, and audit evidence.
  • Partner with Security, IT, HR, Compliance, and business teams to improve access governance and reduce risk.
  • Support compliance with HIPAA, HITRUST, PCI DSS, ISO 27001, NIST, and similar frameworks.

Qualifications

  • 6+ years of Identity & Access Management experience.
  • 2+ years of hands-on experience with an enterprise IGA platform.
  • Experience with identity lifecycle management, RBAC, access governance, and provisioning workflows.
  • Experience with SoD policies, entitlement reviews, and access certification campaigns.
  • Strong understanding of SCIM, SAML, OAuth/OIDC, LDAP, REST APIs, and identity integrations.
  • Scripting experience with PowerShell, Python, or similar tools.
  • Strong communication skills with the ability to work across technical and business teams.

Preferred Skills

  • IAM/IGA certifications such as Okta, Microsoft Entra, SailPoint, CISSP, CISM, or CISA.
  • Experience with PAM tools, SaaS security posture tools, or non-human identity governance.
  • Healthcare, life sciences, financial services, or other regulated industry experience.

Drag & Drop Resume

(PNG, JPEG, PDF, DOC, TXT)

Message & data rates may apply to all numbers allowed to receive messages

Message frequency varies. Text STOP to opt-out or HELP for assistance