
Sr. Identity and Access Management Engineer at Bounteous. Location Information: United States. We co‑innovate with the world's most ambitious brands to create transformative digital experiences.. Promote and enforce awareness of key information security practices, including acceptable use of information assets, malware protection, and password security protocols. Identify, assess, and report security risks, focusing on how these risks impact the confidentiality, integrity, and availability of information assets. Understand and evaluate how data is stored, processed, or transmitted, ensuring compliance with data privacy and protection standards (GDPR, CCPA, etc.). Ensure data protection measures are integrated throughout the information lifecycle to safeguard sensitive information. Design and architect IAM frameworks to support secure access across hybrid environments.. Automate IAM processes to improve operational efficiency and reduce manual intervention.. Lead the integration of IAM solutions with existing systems, ensuring compatibility and compliance with security standards.. Implement role-based access control (RBAC), Least-Privilege, and Zero-Trust principles.. Contribute to the development and maintenance of IAM solutions – PingOne SSO, Saviynt Enterprise Identity Cloud, Entra ID. Monitor and enhance IAM security posture through continuous improvement and threat mitigation.. Implement and support Identity Threat Detection and Response solutions and practices.. Evaluate vendor IAM solutions and document their applicability and value.. Create and maintain comprehensive documentation for IAM processes and ensure compliance with regulatory requirements.. Research, design, and advocate for relevant IAM architectures and solutions supporting security requirements of the enterprise, its customers, business partners and vendors.. Maintain familiarity with IT security vulnerabilities, threats, exploits and mitigations.. Hands-on experience delivering enterprise-level IAM solutions and controls.. Strong conceptual thinking and communication skills - the ability to translate complex business and technical requirements into effective and comprehensible solutions.. Expertise in authentication and authorization standards, including FIDO2, SAML, OAuth, and LDAP.. Extensive hands-on experience implementing and supporting one or more Single Sign On solutions (e.g., PingOne, Entra ID). Extensive hands-on experience implementing and supporting one or more Identity Governance and Administration solutions (e.g., Saviynt, SailPoint).. Experience implementing and managing Privileged Access Management (PAM). Experience in migrating legacy authentication standards to modern ones. Experience with Active Directory, scripting / programming languages (e.g., Python, Ruby, PowerShell). Familiarity with SAP IAM, certificate management and PKI services. Strong problem-solving skills and the ability to communicate effectively with technical and non-technical stakeholders.. Extensive familiarity with NIST and ISO security practice frameworks, data privacy regulations. Familiarity with architecture methodologies (e.g., SABSA, TOGAF, Zachman Framework). Demonstrable experience creating, securing, and managing Cloud infrastructures (e.g., AWS, Azure, Open stack). Professional experience in application or infrastructure penetration testing.. Bachelor’s or master’s degree in computer science, information systems or other related field, or equivalent work experience.. Professional security certifications, such as a ISC(2) Certified Information Systems Security Professional (CISSP), IMI Certified Identity Management Professional (CIMP), Certified Identity and Access Manager (CIAM) or similar.. Pay range:. $50 - $75p/h