Identity & Access Management (IAM) Engineer III

Summary

We are seeking a Senior Identity & Access Management (IAM) Engineer to design, implement, and manage enterprise identity solutions across on-premises and cloud environments. This role will serve as a technical authority for IAM architecture, leading initiatives across Identity Governance & Administration (IGA), Privileged Access Management (PAM), Single Sign-On (SSO), and Multi-Factor Authentication (MFA), while ensuring secure, scalable, and compliant identity services. The ideal candidate combines deep hands-on engineering experience with strong architectural skills and can partner closely with security, infrastructure, cloud, and application teams. 

Visa Sponsorship Available

No

Minimum Requirements

Combination of Education and Experience will be considered. Must be authorized to work in the US as defined by the Immigration Act of 1986. Must pass a Criminal Background Check.

Education:  Bachelor’s Degree in cybersecurity or Computer Science.

Certification:  IAM or Cyber related certifications.

Years of Experience:  Minimum seven (7) years of experience in related field.

Preferred Requirements

•Seven (7) plus years of experience in Identity & Access Management or related security engineering roles.

•Strong hands-on experience with IGA, PAM, SSO, and MFA solutions.

•Experience designing and implementing enterprise IAM architectures.

•Solid understanding of authentication and authorization protocols (SAML, OAuth 2.0, OpenID Connect, LDAP).

•Experience managing cloud identity services (Azure AD / Entra ID, AWS IAM, GCPIAM).

•Strong scripting or automation skills (PowerShell, Python, Bash, or similar).

•Experience integrating IAM with SaaS, cloud, and custom applications.

•Strong understanding of Zero Trust and identity-centric security principles.

•Ability to translate business requirements into secure technical solutions.

•Experience with common IAM platforms (e.g., SailPoint, Saviynt, Okta, Ping, CyberArk, BeyondTrust, Delinea).

•Experience supporting regulatory or compliance frameworks (SOX, PCI, HIPAA, SOC 2).

•Cloud security or IAM-related certifications (e.g., CISSP, CCSP, Microsoft Identity certs, AWS Security).

•Experience with CI/CD pipelines and Infrastructure as Code (Terraform, ARM, CloudFormation).

Job Duties

•Architect, engineer, and support enterprise IAM solutions across IGA, PAM, SSO, and MFA platforms.

•Own and manage the organization’s identity architecture, including cloud and hybrid identity models.

•Design and implement identity lifecycle management (joiner, mover, leaver) and access governance processes.

•Lead onboarding and integration of applications into SSO, MFA, and IGA platforms.

•Design and enforce role-based access control (RBAC) and least-privilege access models.

•Implement and manage PAM solutions for privileged accounts, service accounts, and secrets management.

•Manage cloud identity platforms (e.g., Azure AD / Entra ID, AWS IAM, GCP IAM) and their integrations.

•Develop and maintain IAM standards, architecture diagrams, and technical documentation.

•Serve as a subject matter expert for identity-related security incidents, audits, and compliance efforts.

•Collaborate with application, cloud, infrastructure, and security teams to deliver secure identity solutions.

•Mentor junior IAM engineers and contribute to IAM strategy and roadmap planning.

•Evaluate IAM tools and technologies and recommend improvements or new capabilities.

•Other duties as assigned.

Physical Requirements

The Physical Demands and Work Environment described here are a representative of those that must be met by a Team Member to successfully perform the essential functions of the role. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of the role.

Office/IT - While performing the duties of this job, the Team Member is regularly required to stand, sit, talk, hear, see, reach, stoop, kneel, and use hands and fingers to operate a computer, key board, printer, and phone. May be required to lift, push, pull, or carry up to 50 lbs. May be required to work various shifts/days in a 24 hour situation. Regular attendance is a requirement of the role. Exposure to moderate noise (i.e. business office with computers, phones, printers, and foot traffic), temperature and light fluctuations. Ability to work in a confined area as well as the ability to sit at a computer terminal for an extended period of time. Some travel may be a requirement of the role.

Essential Services Provider

Allegiant as a national air carrier is deemed an essential service provider during declared national and state emergencies. Team Members will be required to report to their assigned trip or work location during national and state emergencies unless prohibited by local, state or federal order.

EEO Statement

We welcome all individuals from varied backgrounds and experiences to apply. Our company values the unique perspectives and talents that each person brings to our team.

Equal Opportunity Employer: Disability/Veteran

For more information, see https://allegiantair.jobs