Lead IAM Engineer (Permanent – Hybrid/Remote – Newark, NJ / New York, NY)
An opportunity has come through our network for a Lead IAM Engineer at a leading energy/utilities organization. This full-time, permanent position offers hybrid/remote flexibility, allowing you to be based out of Newark, New Jersey, or New York, New York, with a competitive salary ranging from $140,000 – $165,000 annually. This is a senior-level, hands-on technical leadership role: you will lead the design, implementation, and management of enterprise Identity and Access Management (IAM) solutions, ensuring secure access, enforcing security policies, and driving IAM strategy across the organization.
What You’ll Be Doing: Spearheading Enterprise IAM Strategy and Security
As a Lead IAM Engineer, you’ll be at the forefront of securing critical systems and data, ensuring robust identity and access controls across complex on-premises and cloud environments. Your responsibilities will blend strategic architecture, hands-on implementation, and cross-functional leadership.
- IAM Architecture & Implementation: You will lead the design and management of comprehensive IAM solutions across the enterprise. This includes implementing Single Sign-On (SSO) for simplified access, Multi-Factor Authentication (MFA) for enhanced security, Privileged Access Management (PAM) for securing elevated accounts, and Role-Based Access Control (RBAC) for granular permissions. Your work ensures a secure and efficient access landscape.
- Identity Governance: You’ll oversee identity lifecycle management, from user provisioning (granting access) to deprovisioning (revoking access). This involves establishing processes for managing user identities throughout their journey within the organization, ensuring accurate and timely access changes, and maintaining compliance with internal and external policies.
- Access Control: You’ll implement advanced access control principles such as least privilege (granting only necessary access), Just-In-Time (JIT) access (granting temporary access only when needed), and Zero Trust principles (never trust, always verify). These controls significantly reduce the attack surface and enhance the security posture of critical systems.
- Directory & Federation Services: You’ll manage core directory services like Active Directory and Azure AD (Azure Active Directory), as well as LDAP (Lightweight Directory Access Protocol). Your expertise will extend to implementing federation protocols such as SAML (Security Assertion Markup Language), OAuth, and OpenID Connect, enabling seamless and secure identity sharing across different systems and organizations.
- Cloud IAM: You will be responsible for securing access across various cloud platforms (e.g., AWS, Azure). This involves implementing proper identity federation, managing cloud-native identity services, and defining secure role management to ensure consistent and compliant access controls within the dynamic cloud environment.
- Compliance & Security: You’ll ensure strict alignment with regulatory frameworks like SOX (Sarbanes-Oxley Act) and NIST (National Institute of Standards and Technology) guidelines, as well as other relevant industry and security standards. This includes conducting audits and risk assessments to identify potential compliance gaps and vulnerabilities within the IAM domain, ensuring robust governance.
- Incident Response: You will collaborate closely with security teams to detect and remediate IAM-related incidents. This involves investigating security breaches, identifying compromised accounts, implementing containment strategies, and restoring normal operations quickly and effectively, minimizing impact on the organization.
- Automation: You will drive efficiency and consistency by developing scripts and workflows using languages like PowerShell, Python, or similar tools. These automation efforts will streamline routine IAM tasks, improve operational response times, and enhance the overall reliability of identity and access management processes.
- Stakeholder Engagement: You will foster strong relationships and partner effectively with IT, security, and business teams to define and implement comprehensive IAM strategies. This requires excellent communication and interpersonal skills to translate technical requirements into business value and secure buy-in across diverse organizational functions.
What’s Needed? Your Expertise in IAM Engineering
To excel as a Lead IAM Engineer, you’ll need extensive experience in IAM engineering, a deep understanding of security architecture, and strong proficiency in scripting and cloud security.
- Extensive IAM Engineering Experience: You must possess a minimum of 6 years of verifiable experience in IAM engineering, security architecture, or a related field. This extensive background demonstrates a seasoned professional capable of tackling complex identity and access management challenges in an enterprise environment.
- Educational Background: A Bachelor’s degree in a related field (e.g., Computer Science, Cybersecurity, Information Systems) is required. Alternatively, 10 years of relevant cybersecurity experience can be considered in lieu of a degree, indicating a strong practical foundation.
- Deep Expertise in IAM Platforms and Protocols: You bring deep expertise in IAM platforms (e.g., Okta, SailPoint, CyberArk, Azure AD), demonstrating hands-on experience with these leading solutions. This is coupled with a strong understanding of authentication protocols (e.g., OAuth, OpenID Connect, SAML) and cloud security principles.
- Proficiency in Scripting Languages: You possess proficiency in scripting languages such as PowerShell, Python, and Bash. This is crucial for automating IAM tasks, managing system configurations, and enhancing operational efficiency within complex IT environments.
- Strong Understanding of Zero Trust and Risk-Based Authentication: You have a strong understanding of Zero Trust principles (never trust, always verify) and identity-centric security concepts. You also possess knowledge of risk-based authentication methodologies, where access decisions are dynamically adjusted based on context and risk levels.
- Excellent Problem-Solving, Communication, and Leadership Skills: You demonstrate excellent problem-solving skills to diagnose and resolve complex IAM issues effectively. This is complemented by strong communication skills (verbal and written) for stakeholder engagement and proven leadership skills to guide teams and initiatives.
Preferred Qualifications: Enhancing Your Leadership Profile
- Certifications: Certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or IAM-specific credentials (e.g., CIAM, GIAC Identity Management) are highly desirable, validating advanced expertise in information security and identity management.
- DevSecOps Experience: Experience integrating IAM with CI/CD (Continuous Integration/Continuous Delivery) pipelines and familiarity with DevSecOps practices would be a significant plus, showcasing your ability to embed security into modern software development workflows.
- API Security and IAM SDKs: Familiarity with securing APIs and experience using IAM SDKs (Software Development Kits) would be beneficial, indicating hands-on development skills related to identity solutions.
If this Lead IAM Engineer role in Newark, NJ, or New York, NY, aligns with your extensive IAM engineering experience, leadership capabilities, and passion for driving enterprise-level security solutions, then this full-time, permanent opportunity is an excellent chance to make a significant impact within a leading energy/utilities organization.
Are you ready to lead the future of Identity and Access Management?
Job Features
Job Category: IT, Security