Identity and Access Management Engineer (2856321) - Tier4 Group

Title: Identity and Access Management Engineer

Location: Franklin, WI

Type: Hybrid (3 days onsite per week)

Duration: ASAP – December 2025

Perks: Competitive rates, benefits, free daily lunch when onsite

Position Overview:

We are seeking a skilled and motivated Identity and Access Management (IAM) Engineer to join our Fortune 500 client's team and play a pivotal role in shaping the future of their IAM program. The ideal candidate will collaborate closely with business units, developers, vendors, and security engineers to design, implement, and optimize identity solutions that ensure seamless, secure, and scalable access management across the organization.

Key Responsibilities:

• Collaborate with cross-functional teams, including developers, security engineers, vendors, and key business units, to implement and optimize IAM solutions.
• Architect, design, and support CIAM (Customer Identity and Access Management) solutions that integrate with diverse systems and platforms.
• Ensure high availability, scalability, and seamless user experience within IAM systems.
• Lead the integration of third-party software and on-premises infrastructure with CIAM tools (e.g., Okta, Ping Identity).
• Design and conduct impact analyses, perform data assessments and provide work effort estimates for new features and system fixes.
• Implement and manage technologies such as:
• Single Sign-On (SSO), Multi-Factor Authentication (MFA), and FIDO authentication.
• Privileged Access Management (PAM) and Identity Governance & Administration (IGA).
• Utilize and manage CIAM orchestration tools like PingOne DaVinci or Transmit Security FlexID to automate and streamline identity workflows.
• Implement and manage identity-proofing processes to ensure secure and verified user authentication.
• Support and maintain CIAM tools, including infrastructure upgrades, patch management, and performance tuning.
• Apply advanced knowledge of identity protocols such as OpenID Connect (OIDC), OAuth, SAML, AD-Fed, API Gateways, and SCIM
• Create and maintain detailed documentation, including architecture designs, implementation plans, and operational procedures.
• Provide technical leadership, mentoring, and guidance to junior team members.
• Champion automation and process improvement initiatives to increase efficiency and system reliability.
• Ensure compliance with industry standards, security best practices, and organizational policies.

Qualifications:

• Proven experience designing, developing, and managing CIAM solutions.
• Hands-on experience managing IDP tools such as Okta or Ping Identity (experience with Transmit Security is a plus).
• Familiarity with orchestration tools like PingOne DaVinci or Transmit Security FlexID
• Strong understanding of identity protocols, including OIDC, OAuth, SAML, API Gateways, SCIM, and AD-Fed
• Experience implementing and managing SSO, MFA, FIDO, PAM, and IGA technologies.
• Knowledge of identity-proofing techniques and secure user verification processes.
• Ability to collaborate effectively with technical and business stakeholders.
• Strong analytical and problem-solving skills, with the ability to conduct impact analyses and develop work effort estimates.
• Excellent documentation skills, with experience creating architecture diagrams and operational documentation.
• Prior experience leading automation and process improvement initiatives is a plus.
• Experience with CIAM tools Okta and Transmit Security is highly desirable.