IAM Security Engineer

We are looking for an IAM Security Engineer to build and strengthen our identity and access security controls across cloud, SaaS, and internal systems. In this role, you will be responsible for implementing practical Zero Trust principles, ensuring secure authentication, enabling Single Sign-On (SSO), enforcing Multi-Factor Authentication (MFA), and handling other key security tasks. Join our team to help protect sensitive data and improve the overall security posture of our systems.

Responsibilities

• Implement and maintain IAM controls across cloud, SaaS, and internal platforms
• Configure and optimize SSO integrations using SAML, OAuth 2.0, and OIDC
• Design and refine MFA and Conditional Access policies 
• Support secure user lifecycle processes, including Joiner, Mover, and Leaver (JML) activities
• Participate in access reviews and privilege cleanup activities
• Troubleshoot  authentication and authorization issues
• Analyze authentication events and provide technical expertise for identity-related investigations
• Collaborate with Engineering and IT teams to ensure secure onboarding of applications and access models
• Ensure alignment with audit and compliance requirements related to IAM controls
• Contribute to practical Zero Trust improvements based on company priorities and maturity

Requirements

• 3+ years of hands-on experience in IT or Information Security with a dedicated focus on Identity and Access Management (IAM), authentication, SSO, MFA, access control and user administration
• Practical experience with major Identity Providers such as Microsoft Entra ID, Okta, or similar solutions
• Solid grasp of identity standards, including SAML 2.0, OAuth 2.0, and OpenID Connect (OIDC)
• Proven ability to configure SSO integrations, manage MFA policies, and administer user/group/role hierarchies
• Strong understanding of Least Privilege, Conditional Access frameworks, and Joiner-Mover-Leaver (JML) lifecycles
• Ability to troubleshoot authentication issues and analyze identity-related logs
• Proficiency in PowerShell, Python or Bash
• English - Intermediate or higher (for free communication)

• Practical experience in automating identity workflows, including user provisioning, deprovisioning, access reviews, and role-based access assignments
• Experience in enterprise-scale Fintech, Banking, or Telecom industries