Security Engineer II (Remote)

The Security Engineer II – Workforce IAM will report to the Security Engineering Manager in the Technology Department. This role builds upon foundational IAM experience to design, implement, and support solutions that manage user lifecycles, automate provisioning, and enforce access controls. The ideal candidate has a strong investigative mindset, excellent troubleshooting skills, and fluency in scripting languages such as PowerShell and Python. 

Duties & Responsibilities:

• Design, implement, and maintain automation for user lifecycle processes (joiner/mover/leaver) across Active Directory, Entra ID, GCP, and connected SaaS systems. 
• Develop and maintain scripts and automations to improve efficiency, reduce manual work, and ensure accuracy of identity data. 
• Support integration between HR systems, directories, and downstream applications through API-based or workflow-driven automation. 
• Configure and support access management solutions including conditional access, MFA, SSO, and role-based access controls. 
• Partner with application and infrastructure teams to onboard new systems into enterprise identity services. 
• Conduct periodic access reviews and support remediation of access-related audit findings. 
• Act as a technical escalation point for complex identity and access issues impacting end users or systems. 
• Perform root cause analysis for authentication, authorization, and provisioning failures. 
• Collaborate with the Security Operations and IT teams on incident response and remediation involving identity systems. 
• Identify opportunities to improve reliability, security, and performance of IAM systems through automation and process refinement. 
• Maintain detailed technical documentation, runbooks, and standard operating procedures. 
• Contribute to the development of standards, patterns, and best practices for identity and access management.  

Qualifications

Education & Experience:

• 3-5 years of experience in Information Technology, Cloud Engineering, and/or Identity and Access Management 
• Bachelor’s degree in computer science, Software/Computing Engineering, Applied Mathematics or related field  
• Technical Certifications a plus 

Skills & Abilities:

• Experience with hybrid identity environments (on-prem AD, Entra ID, GCP, AWS). 
• Familiarity with ITSM tools and ticket-driven workflows. 
• Exposure to compliance frameworks (SOC 2, HIPAA, PCI) and audit support. 
• Experience with version control systems (Git) and CI/CD pipelines for automation code. 
• Strong scripting experience (PowerShell required). 
• Solid understanding of Active Directory, Entra ID/Azure AD, and identity lifecycle processes. 
• Hands-on experience with MFA, conditional access, SSO, and access review technologies. 
• Proven troubleshooting and analytical skills, with a methodical approach to problem solving. 
• Experience working with IAM automation tools or integrations (e.g., SailPoint, Okta, Saviynt, Ping, or similar). 
• Familiarity with APIs, REST/JSON, and automation frameworks. 
• Ability to communicate complex technical issues clearly to both technical and non-technical audiences.