Eliassen Group
Overview
Get AI-powered advice on this job and more exclusive features. Our client, an industry leader in delivery services, has an excellent opportunity for a Senior Software Developer to work on a 6+ month renewable contract. Work will be a hybrid schedule in Pasadena or Santa Ana, CA. The Lead IAM Engineer will be responsible for the design, configuration, deployment, and support of Saviynt Identity Governance and Administration (IGA) solution and a Privileged Access Management (PAM) solution within a regulated banking environment. This role will play a critical part in modernizing the clients identity lifecycle management, access certification, and privileged access controls to meet compliance, security, and operational goals. Performs all duties in accordance with the Company’s policies and procedures, all U.S. state and federal laws and regulations, wherein the Company operates. Due to client requirement, applicants must be willing and able to work on a w2 basis. For our w2 consultants, we offer a great benefits package that includes Medical, Dental, and Vision benefits, 401k with company matching, and life insurance. Rate: $65 - $75 / hr. w2
Responsibilities
Lead the technical implementation of Saviynt IGA, including connector development, policy configuration, and workflow customization.
Lead the selection and technical implementation of PAM solution, including account discovery and onboarding, password rotation, session management, application integration, and workstation privilege management.
Collaborate with cross-functional teams (security, infrastructure, HR, application owners) to integrate Saviynt and the PAM solution with core banking systems, SaaS platforms, and on-premise applications.
Define and implement role-based access control (RBAC), attribute-based access control (ABAC), and least privilege models.
Develop and maintain identity lifecycle processes (joiner/mover/leaver), access request workflows, and certification campaigns.
Ensure compliance with regulatory frameworks (e.g., FFIEC, SOX, GLBA) and internal audit requirements.
Troubleshoot and resolve issues related to identity provisioning, de-provisioning, and access anomalies.
Create and maintain technical documentation, including architecture diagrams, configuration guides, and SOPs.
Support testing, training, and knowledge transfer to internal teams.
Treat people with respect; keep commitments; inspire the trust of others; work ethically and with integrity; uphold organizational values; accept responsibility for own actions.
Demonstrates knowledge of and adherence to EEO policy; shows respect and sensitivity for cultural differences; educates others on the value of diversity; promotes working environment free of harassment of any type; builds a diverse workforce and supports affirmative action.
Performs the position safely, without endangering the health or safety to themselves or others and will be expected to report potentially unsafe conditions. The employee shall comply with occupational safety and health standards and all rules, regulations and orders issued pursuant to the OSHA Act of 1970, which are applicable to one’s own actions and conduct.
Requirements
Bachelor’s degree in Information Systems, Computer Science, or a related field
Certifications such as Saviynt Certified Engineer, CISSP, or CISM
Exposure to cloud platforms (AWS, Azure) and hybrid identity models
5+ years of experience in IAM engineering
2 years of hands-on Saviynt implementation experience OR 4 years of hands-on SailPoint implementation experience
4 years of hands-on CyberArk implementation experience across AD, servers, workstations, databases and network devices, including CPM, PSM, PSMP, CP and CCP, EPM, and Remote Access
Strong understanding of identity lifecycle, access governance, and directory services (e.g., Active Directory, Azure AD)
Experience with SAML, OAuth, SCIM, REST APIs, and other identity protocols
Experience in a regulated banking or financial services environment, including familiarity with compliance and security standards relevant to financial institutions
Excellent communication and stakeholder engagement skills
Please be advised- If anyone reaches out to you about an open position connected with Eliassen Group, please confirm that they have an Eliassen.com email address and never provide personal or financial information to anyone who is not clearly associated with Eliassen Group. If you have any indication of fraudulent activity, please contact InfoSec@eliassen.com.
Skills, experience, and other compensable factors will be considered when determining pay rate. The pay range provided in this posting reflects a W2 hourly rate; other employment options may be available that may result in pay outside of the provided range.
W2 employees of Eliassen Group who are regularly scheduled to work 30 or more hours per week are eligible for the following benefits: medical (choice of 3 plans), dental, vision, pre-tax accounts, other voluntary benefits including life and disability insurance, 401(k) with match, and sick time if required by law in the worked-in state/locality.
#J-18808-Ljbffr
Get AI-powered advice on this job and more exclusive features. Our client, an industry leader in delivery services, has an excellent opportunity for a Senior Software Developer to work on a 6+ month renewable contract. Work will be a hybrid schedule in Pasadena or Santa Ana, CA. The Lead IAM Engineer will be responsible for the design, configuration, deployment, and support of Saviynt Identity Governance and Administration (IGA) solution and a Privileged Access Management (PAM) solution within a regulated banking environment. This role will play a critical part in modernizing the clients identity lifecycle management, access certification, and privileged access controls to meet compliance, security, and operational goals. Performs all duties in accordance with the Company’s policies and procedures, all U.S. state and federal laws and regulations, wherein the Company operates. Due to client requirement, applicants must be willing and able to work on a w2 basis. For our w2 consultants, we offer a great benefits package that includes Medical, Dental, and Vision benefits, 401k with company matching, and life insurance. Rate: $65 - $75 / hr. w2
Responsibilities
Lead the technical implementation of Saviynt IGA, including connector development, policy configuration, and workflow customization.
Lead the selection and technical implementation of PAM solution, including account discovery and onboarding, password rotation, session management, application integration, and workstation privilege management.
Collaborate with cross-functional teams (security, infrastructure, HR, application owners) to integrate Saviynt and the PAM solution with core banking systems, SaaS platforms, and on-premise applications.
Define and implement role-based access control (RBAC), attribute-based access control (ABAC), and least privilege models.
Develop and maintain identity lifecycle processes (joiner/mover/leaver), access request workflows, and certification campaigns.
Ensure compliance with regulatory frameworks (e.g., FFIEC, SOX, GLBA) and internal audit requirements.
Troubleshoot and resolve issues related to identity provisioning, de-provisioning, and access anomalies.
Create and maintain technical documentation, including architecture diagrams, configuration guides, and SOPs.
Support testing, training, and knowledge transfer to internal teams.
Treat people with respect; keep commitments; inspire the trust of others; work ethically and with integrity; uphold organizational values; accept responsibility for own actions.
Demonstrates knowledge of and adherence to EEO policy; shows respect and sensitivity for cultural differences; educates others on the value of diversity; promotes working environment free of harassment of any type; builds a diverse workforce and supports affirmative action.
Performs the position safely, without endangering the health or safety to themselves or others and will be expected to report potentially unsafe conditions. The employee shall comply with occupational safety and health standards and all rules, regulations and orders issued pursuant to the OSHA Act of 1970, which are applicable to one’s own actions and conduct.
Requirements
Bachelor’s degree in Information Systems, Computer Science, or a related field
Certifications such as Saviynt Certified Engineer, CISSP, or CISM
Exposure to cloud platforms (AWS, Azure) and hybrid identity models
5+ years of experience in IAM engineering
2 years of hands-on Saviynt implementation experience OR 4 years of hands-on SailPoint implementation experience
4 years of hands-on CyberArk implementation experience across AD, servers, workstations, databases and network devices, including CPM, PSM, PSMP, CP and CCP, EPM, and Remote Access
Strong understanding of identity lifecycle, access governance, and directory services (e.g., Active Directory, Azure AD)
Experience with SAML, OAuth, SCIM, REST APIs, and other identity protocols
Experience in a regulated banking or financial services environment, including familiarity with compliance and security standards relevant to financial institutions
Excellent communication and stakeholder engagement skills
Please be advised- If anyone reaches out to you about an open position connected with Eliassen Group, please confirm that they have an Eliassen.com email address and never provide personal or financial information to anyone who is not clearly associated with Eliassen Group. If you have any indication of fraudulent activity, please contact InfoSec@eliassen.com.
Skills, experience, and other compensable factors will be considered when determining pay rate. The pay range provided in this posting reflects a W2 hourly rate; other employment options may be available that may result in pay outside of the provided range.
W2 employees of Eliassen Group who are regularly scheduled to work 30 or more hours per week are eligible for the following benefits: medical (choice of 3 plans), dental, vision, pre-tax accounts, other voluntary benefits including life and disability insurance, 401(k) with match, and sick time if required by law in the worked-in state/locality.
#J-18808-Ljbffr