Identity & Access Management (IAM) Engineer
Customers Bank · Malvern, PA · 4 wk ago
HybridEngineering$22/hrFull-time
Responsibilities
- Create and manage access for users and non-human accounts
- Build and maintain roles and entitlements for various business units
- Support secure authentication and authorization across enterprise systems
- Proactively govern identities and access, identify risks, and drive improvements through automation and process optimization
- Conduct configuration, integration, maintenance, performance management, troubleshooting, and operational support of IAM platforms and services
- Support IAM technology deployment projects involving platforms such as Veza, Microsoft Entra ID, Active Directory, and CyberArk
- Support cloud identity security capabilities including conditional access, identity protection, MFA, and Zero Trust-aligned controls
- Perform system-level scripting and automation using technologies such as PowerShell and Python to support IAM processes and integrations
- Build and maintain integrations using SAML, OAuth/OIDC, SCIM, and REST APIs to support secure authentication and authorization
- Assist in identifying stale access, orphaned accounts, excessive permissions, and other identity governance risks across environments
- Participate in provisioning, deprovisioning, onboarding, offboarding, and access modification activities while supporting automation and process improvements
- Identify opportunities to streamline manual IAM processes through automation, scripting, and workflow enhancements
- Support enforcement of IAM security standards and best practices including RBAC, ABAC, MFA, least privilege, and secure authentication patterns
- Assist with tracking and reporting IAM operational metrics such as provisioning timelines, access review completion, and access governance findings
- Partner with IAM Analysts, application owners, infrastructure teams, and security teams to deliver secure and scalable IAM solutions
- Document IAM integrations, workflows, platform configurations, standards, and operational procedures
- Support audit activities, evidence collection, and remediation efforts related to IAM controls and regulatory requirements
- Maintain strong communication and collaboration across technical and business teams
Requirements
- 2–4 years of experience in IAM engineering or related roles
- Experience with IAM platforms such as Microsoft Entra ID, Active Directory, CyberArk, and Veza (or similar IGA tools)
- Experience supporting IAM provisioning, identity lifecycle management, and access governance processes
- Experience integrating applications using SAML, OAuth/OIDC, SCIM, and REST APIs
- Experience supporting cloud identity security capabilities including conditional access and securing SaaS applications
- Strong understanding of IAM fundamentals including RBAC, ABAC, MFA, least privilege, and identity lifecycle management
- Proficiency in scripting using PowerShell, Python, or similar technologies
- Familiarity with structured change management and DevOps processes
- Strong troubleshooting, analytical, and problem-solving skills
- Strong communication and documentation skills
- Experience configuring and administering Veza or other similar IGA tools for identity governance and access visibility
- Experience with Microsoft Entra ID capabilities including SSO, MFA, conditional access, and identity protection
- Experience with CyberArk for privileged access management, credential vaulting, and privileged session management
- Understanding of integrating IAM processes with ServiceNow or similar ITSM platforms for provisioning and access request workflows
- Familiarity with cloud and SaaS identity security concepts and controls
- Ability to work within the Microsoft ecosystem and quickly learn additional enterprise applications and IAM technologies
- Familiarity with AI and automation tools that support productivity, workflow efficiency, and client engagement
Qualifications
Must be legally eligible to work in the United States without sponsorship, now or in the future, to be considered.
Benefits
Customers Bank is an equal opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also provide “reasonable accommodations”, upon request, to qualified individuals with disabilities, in accordance with the Americans with Disabilities Act and applicable state and local laws.
Pay
TBD
Schedule
TBD