IAM Engineer - Identity & Access Management SailPoint SSO & Federation

About The Role

This is a development-heavy IAM engineering role for a hands-on SailPoint IIQ practitioner. You will design, build, and implement identity solutions — owning the full development lifecycle from requirements through to post-production support. Operational support is minimal; the expectation is that you write code, build workflows, and solve hard identity problems.

Key Responsibilities

SailPoint IIQ Development (70%)

• Design, develop, and implement SailPoint IIQ solutions including workflows, rules, and connectors
• Build and enhance Joiner, Mover, Leaver (JML) lifecycle workflows end-to-end
• Develop automation using APIs, custom connectors, and SailPoint OOTB connectors
• Work across the full SDLC: requirements gathering, development, UAT support, security reviews, production deployment, and post-production support
• Prepare deployment artifacts, technical documentation, and operational runbooks
• Support critical P1/P2 incidents when escalated
  
  

SSO & Federation Integration (30%)

• Configure and support SSO integrations using Ping Identity (preferred), ADFS, or equivalent platforms
• Implement and troubleshoot federation using SAML 2.0, OAuth 2.0, and OpenID Connect (OIDC)
• Collaborate with application and infrastructure teams during SSO onboarding
  
  

Governance & Lifecycle Management

• Implement and maintain access governance frameworks including access certifications and SoD controls
• Support RBAC modelling and entitlement management within SailPoint IIQ
• Collaborate with operations teams during deployment windows and change cycles
  
  

Required Skills & Experience

Non-Negotiable

• 8+ years of overall IT experience
• 4+ years of hands-on SailPoint IIQ development — workflows, rules, BeanShell, connectors
• 2+ years of SSO implementation experience; Ping Identity strongly preferred
• Strong development proficiency: Java, PowerShell, REST API integrations
• Deep understanding of SailPoint Lifecycle Management (JML), Access Governance, and OOTB connectors
• Proven experience across the complete SDLC in an enterprise environment
• Working knowledge of SAML 2.0, OAuth 2.0, and OIDC
  
  

Good to Have

• Experience with SailPoint Identity Security Cloud (ISC)
• Exposure to PAM tools (CyberArk, BeyondTrust)
• Background in banking, financial services, or regulated sectors
• SailPoint certifications (IdentityIQ Engineer or equivalent)