Senior / Lead IAM Engineer – Professional Services
Location: Remote
Job Type: Full-time
About OpenIAM
OpenIAM is a leading provider of Identity and Access Management (IAM) solutions, delivering an API-first, container-based, and scalable platform for enterprises. We help organizations secure identities and streamline access management through modern authentication protocols such as OIDC, FIDO2, and SCIM.
We are looking for a Senior or Lead IAM Engineer to join our Professional Services team, working directly with major clients to implement OpenIAM. This role requires strong IAM implementation experience, excellent communication skills, and deep technical expertise to design and deploy solutions that meet customer needs.
Key Responsibilities
- IAM Solution Implementation: Lead and execute OpenIAM deployments at enterprise clients, including integration with directories, databases, applications, and cloud platforms.
- Identity Governance & Administration (IGA): Implement access reviews, role-based access control (RBAC), and identity lifecycle management to help clients enforce security policies and regulatory compliance.
- Consultative Engagement: Work closely with clients to capture requirements, understand business challenges, and design IAM & Identity Governance solutions that align with security and compliance needs.
- Architecture & Design: Develop IAM and IGA architectures tailored to customer environments, leveraging best practices from previous IAM implementations.
- Configuration & Customization: Configure OpenIAM components, develop custom workflows, and implement automation for identity lifecycle management and governance processes.
- Customer Collaboration: Guide clients through workshops, requirement sessions, and technical discussions, ensuring a smooth implementation process.
- Technical Troubleshooting: Diagnose and resolve issues related to authentication, authorization, provisioning, governance, and access controls.
- Documentation: Create high-quality documentation, including design documents, implementation guides, and customer-facing reports.
- Mentorship & Best Practices: Share IAM & IGA best practices with clients and internal teams, mentoring junior engineers when needed.
Required Skills & Experience
- 5+ years of hands-on IAM experience, implementing solutions from major vendors such as Okta, SailPoint, Saviynt, ForgeRock, Oracle IAM, Ping Identity, or similar.
- Strong understanding of IAM and Identity Governance concepts, including:
- Access certification and review processes
- Role-based access control (RBAC) and attribute-based access control (ABAC)
- Identity lifecycle management and policy enforcement
- Separation of duties (SoD) controls and compliance
- Experience working with LDAP directories (OpenLDAP, Active Directory) and database systems (PostgreSQL, MySQL, or similar).
- Proficiency in Linux administration, shell scripting, and troubleshooting IAM-related issues in Linux environments.
- Hands-on experience with Java, JavaScript, and Python for custom development, scripting, or integrations.
- Knowledge of REST APIs, SCIM, SAML, OIDC, and FIDO2.
- Strong problem-solving skills and ability to work independently in a fast-paced consulting environment.
- Excellent communication and interpersonal skills, with the ability to work directly with clients in a consultative manner.
- Strong documentation skills to produce high-quality technical reports and client deliverables.
Preferred Qualifications
- Prior experience deploying IAM & IGA solutions in cloud environments (AWS, Azure, GCP).
- Knowledge of Kubernetes and containerized applications.
- Experience integrating IAM with enterprise applications such as ServiceNow, Workday, Salesforce, or SAP.
- Previous consulting experience working with enterprise customers.
