IAMEngineer-Identity&AccessManagement

**ABOUT THE ROLE** This is a **development-heavy** IAM engineering role for a hands-on SailPoint IIQ practitioner. You will design, build, and implement identity solutions — owning the full development lifecycle from requirements through to post-production support. Operational support is minimal; the expectation is that you write code, build workflows, and solve hard identity problems. **KEY RESPONSIBILITIES** **SailPoint IIQ Development (70%)** * Design, develop, and implement SailPoint IIQ solutions including workflows, rules, and connectors * Build and enhance Joiner, Mover, Leaver (JML) lifecycle workflows end-to-end * Develop automation using APIs, custom connectors, and SailPoint OOTB connectors * Work across the full SDLC: requirements gathering, development, UAT support, security reviews, production deployment, and post-production support * Prepare deployment artifacts, technical documentation, and operational runbooks * Support critical P1/P2 incidents when escalated **SSO & Federation Integration (30%)** * Configure and support SSO integrations using Ping Identity (preferred), ADFS, or equivalent platforms * Implement and troubleshoot federation using SAML 2.0, OAuth 2.0, and OpenID Connect (OIDC) * Collaborate with application and infrastructure teams during SSO onboarding **Governance & Lifecycle Management** * Implement and maintain access governance frameworks including access certifications and SoD controls * Support RBAC modelling and entitlement management within SailPoint IIQ * Collaborate with operations teams during deployment windows and change cycles **REQUIRED SKILLS & EXPERIENCE** **Non-Negotiable** * 8+ years of overall IT experience * 4+ years of hands-on SailPoint IIQ development — workflows, rules, BeanShell, connectors * 2+ years of SSO implementation experience; Ping Identity strongly preferred * Strong development proficiency: Java, PowerShell, REST API integrations * Deep understanding of SailPoint Lifecycle Management (JML), Access G