Title: IAM Security Engineer Location: Seattle, WA 98101 - 4 days per week onsite. Duration: 3 Months with possible extension or conversion Schedule: 8-5 PM PST
Description: A solid individual contributor responsible for designing, implementing, and supporting IAM solutions across multiple environments with minimal supervision. This role actively develops automation to streamline operational tasks, implements subsystem-level security designs, and serves as an escalation point for complex technical issues.
Key Responsibilities
Design and implement secure IAM configurations across multi-cloud and hybrid identity environments, applying Zero Trust principles to develop and tune conditional access policies and cloud IAM roles.
Develop, test, and maintain automation scripts (Python, PowerShell) and low-code workflows (e.g., Okta Workflows) to streamline user lifecycle management (LCM), reduce manual effort, and improve accuracy.
Independently manage the end-to-end integration of new applications into the IAM ecosystem, including SSO, MFA, IGA, and PAM solutions, applying Role-Based Access Control (RBAC) models.
Implement and configure IAM controls for non-human identities, such as service principals in Azure or Cloud Infrastructure platform (AWS, GCP, Oracle), ensuring they adhere to the principle of least privilege.
Create and maintain modular and reusable Infrastructure as Code (IaC) modules (e.g., Terraform) for the repeatable and consistent deployment of IAM resources.
Manage secrets and credentials for applications and services using a vaulting solution and enterprise Public Key Infrastructure (PKI).
Troubleshoot and resolve complex technical identity and access issues across both cloud and legacy systems, performing root cause analysis and implementing preventative measures.
For development-focused roles: Develop, test, and maintain custom automation scripts and simple applications that interact with REST APIs to extend IAM platform capabilities.
Example Projects or Deliverables
Design and build an automated workflow in Okta Workflows to deprovision access from a set of high-risk applications within one hour of receiving a termination event from the HR system.
Develop a reusable Terraform module to standardize the creation of IAM roles in AWS, incorporating permissions boundaries and mandatory tagging policies.
Implement Just-in-Time (JIT) access for a defined set of privileged roles using a PAM solution, reducing standing privileged access by 75% for that group.
Create a comprehensive dashboard to monitor for anomalous login patterns, correlating data from the IdP, cloud platforms, and legacy directory services.
Skills: Required Qualifications
2+ years of direct experience in an Identity and Access Management role.
Demonstrated experience with at least one major cloud identity platform (Okta, Microsoft Entra ID).
Proficiency in scripting with PowerShell or Python for automation.
Hands-on experience with Infrastructure as Code tools, particularly Terraform.
Strong understanding of modern authentication and federation protocols (SAML, OIDC, OAuth 2.0, SCIM).
Experience with hybrid identity models connecting cloud IdPs to on-premise Active Directory.
*For development-focused roles: Proficiency in a scripting or programming language (Python, Go) and hands-on experience consuming REST APIs.
Bachelor's Degree in Information Technology, Computer Science, Cybersecurity or related experience required.
Preferred Qualifications
AWS Certified Security - Specialty or Azure Security Engineer Associate
Microsoft SC-300: Identity and Access Administrator Associate
Okta Certified Administrator
SailPoint Certified IdentityIQ Associate or SailPoint Certified IdentityNow Professional
For development-focused roles: Experience with full-stack development is a plus.
Technical Skills
Tools:
Okta, Microsoft Entra ID, Active Directory, AWS IAM, SailPoint IdentityNow, Terraform, BeyondTrust, HashiCorp Vault, PKI / Certificate Management, Git.
For information on benefits, equal opportunity employment, and location-specific applicant notices, click here
At SPECTRAFORCE, we are committed to maintaining a workplace that ensures fair compensation and wage transparency in adherence with all applicable state and local laws.This position's pay range is $80.00/hr - $84.00/hr.