Engineer, IAM

Optimum

$83K — $137K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or related field (or equivalent experience)
  • 3+ years of experience in Identity & Access Management, cybersecurity, or related technical fields with hands-on platform administration
  • Experience administering CIAM or identity provider platforms in production environments
  • Working knowledge of identity standards and protocols (OAuth 2.0, OIDC, SAML, SCIM)
  • Experience troubleshooting authentication and provisioning using logs and diagnostic tools
  • Ability to write code or automation scripts in modern programming languages (e.g., JavaScript, Python, Java, Go)
  • Familiarity with cloud platforms (AWS, Azure, or GCP) and identity integrations

Responsibilities

  • Administer and configure the enterprise customer identity platform and its integrations
  • Manage identity data and lifecycle processes, including automated provisioning and de-provisioning
  • Configure and maintain authorization services, ensuring alignment with application requirements
  • Monitor platform health and security, investigating issues and executing remediation
  • Execute migrations from legacy authentication systems to modern CIAM solutions
  • Test authentication and authorization across various environments for issue resolution
  • Serve as a technical advisor to application teams on CIAM platform integration

Benefits

  • Flexible work schedule
  • Opportunity for remote work
  • Professional development resources and training
  • Access to the latest technology and tools
  • Collaborative and innovative work environment
Full Job Description
Job Summary

As an Identity & Access Management Engineer on the Customer IAM team, you are a hands-on practitioner responsible for the configuration, integration, and ongoing operations of our enterprise Customer IDP platform. You translate IAM strategy into working solutions, building authentication flows, provisioning connectors, and migration integrations that application teams across the company rely on every day.

You will work directly with application development teams to guide them through the adoption of modern authentication standards (OIDC, OAuth 2.0, SAML 2.0, FIDO2/WebAuthn), troubleshoot complex integration issues, and build the tooling and documentation that make a seamless customer experience possible. This role sits at the intersection of security engineering, platform operations, and developer experience.

Responsibilities

CIAM Platform Configuration & Operations
  • Administer and configure the enterprise customer identity platform, including application integrations (OIDC, SAML), authentication policies, MFA, and network/security settings
  • Manage identity data and lifecycle processes, including directory schema, attribute mappings, group rules, and automated provisioning/de-provisioning (SCIM, workflows)
  • Configure and maintain authorization services, including scopes, claims, and access policies aligned to application requirements
  • Monitor platform health and security using logs and SIEM integrations; investigate issues and execute remediation based on established runbooks
  • Maintain operational documentation, runbooks, and support materials for internal and customer-facing teams

Authentication Integration & Migration
  • Execute application migrations from legacy authentication systems to modern CIAM solutions using established playbooks
  • Configure and validate authentication integrations (OIDC, SAML), ensuring secure and seamless end-to-end authentication experiences
  • Test authentication and authorization flows across development, staging, and production environments, and coordinate issue resolution with application teams
  • Support implementation of advanced authentication methods, including MFA and passwordless or phishing-resistant mechanisms
  • Track migration progress and contribute to reporting for application onboarding and modernization efforts

Developer Support & Enablement
  • Serve as a technical advisor to application development teams integrating with the CIAM platform
  • Provide guidance on authentication design, token usage, and session management aligned with identity standards
  • Develop and maintain documentation, integration guides, and code samples to enable efficient onboarding
  • Troubleshoot complex authentication and provisioning issues using system logs, browser diagnostics, and application insights
  • Participate in architecture reviews and promote secure, standards-based identity patterns
  • Contribute to knowledge sharing through documentation, demos, and team enablement sessions

Security, Compliance & Continuous Improvement
  • Implement and maintain authentication and access controls aligned with enterprise security policies and data sensitivity requirements
  • Support audit and compliance activities (e.g., SOX, SOC 2, PCI-DSS) including evidence collection and access reporting
  • Participate in identity-related incident response and contribute to root cause analysis and process improvement
  • Maintain platform security hygiene, including policy reviews, removal of unused configurations, and credential/token management
  • Build and enhance automation using scripting or Infrastructure-as-Code tools (e.g., Terraform) to improve consistency and reduce manual effort
  • Contribute to CI/CD processes for identity configuration changes, including testing, peer review, and deployment
  • Evaluate new platform capabilities and support proof-of-concept implementations for continuous improvement


Qualifications

Required
  • Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or related field (or equivalent experience)
  • 3+ years of experience in Identity & Access Management, cybersecurity, or a related technical field with hands-on platform administration
  • Experience administering CIAM or identity provider platforms in production environments, including authentication policies, integrations, and lifecycle management
  • Working knowledge of identity standards and protocols such as OAuth 2.0, OpenID Connect (OIDC), SAML, and SCIM
  • Experience troubleshooting authentication and provisioning issues using logs, browser tools, and diagnostic methods
  • Ability to write code or automation scripts in at least one modern language (e.g., JavaScript, Python, Java, Go)
  • Experience working with application development teams in a technical advisory or enablement capacity
  • Familiarity with cloud platforms (AWS, Azure, or GCP) and identity integrations

Pay is competitive and based on a number of job-related factors, including skills and experience. The starting pay rate/range at time of hire for this position in New Yorkis $83,538.00 - $137,241.00 / year. For other locations, please inquire with your recruiter. The rates/ranges provided herein are the anticipated pay at the time of hire, and do not reflect future job opportunity.

We appreciate your interest in this opportunity. Applicants must be authorized to work for ANY employer in the U.S. Please note that at this time, we do not provide visa sponsorship for employment.

Similar Jobs

More Jobs at Optimum

More Information Technology Jobs

Find similar Engineer, IAM jobs: