Yoh, A Day & Zimmermann Company
IAM Security Engineer
12+ month contract (W2 ONLY, NO C-C) Austin, TX (Hybrid) Responsibilities
Lead the cleanup, hardening, and optimization of federation configurations (PingFederate, ForgeRock). Manage and remediate Active Directory group memberships, permissions, and delegation models to enforce least privilege. Design and implement Role-Based Access Control (RBAC) across enterprise systems. Support access recertification and identity posture improvement initiatives. Collaborate with red and blue teams to simulate identity-based attacks and enhance detection and response capabilities. Contribute to threat modeling and adversary simulation efforts targeting identity and access infrastructure. Implement and manage privilege controls using LAPS, GPOs, and local admin policy frameworks. Harden Windows servers and endpoints to reduce identity exploitation risk. Enforce Privileged Access Management (PAM) practices using CyberArk or equivalent tools. Identify and remediate misconfigurations that could lead to privilege escalation or lateral movement. Required Skills & Experience
5+ years of experience in IAM engineering or identity-focused security roles. Strong expertise in Active Directory, LDAP, and Group Policy management. Hands-on experience with federation technologies such as PingFederate, ForgeRock, or RSA. Proven ability to design and maintain RBAC and access governance frameworks. Deep understanding of Windows privilege management, GPOs, and PAM implementations (CyberArk, BeyondTrust). Familiarity with offensive security tools and techniques targeting Windows and identity systems. Working knowledge of MITRE ATT&CK identity-based tactics. Proficiency in PowerShell or Python for automation and analysis. Experience with Silverfort or other identity threat detection tools. Exposure to Endpoint Detection and Response (EDR) platforms. Relevant certifications such as CISSP, GIAC, or equivalent IAM/security credentials. Estimated Min Rate:
$52.50 Estimated Max Rate:
$80.00 Benefits
Medical, Prescription, Dental & Vision Benefits (for employees working 20+ hours per week) Health Savings Account (HSA) (for employees working 20+ hours per week) Life & Disability Insurance (for employees working 20+ hours per week) MetLife Voluntary Benefits Employee Assistance Program (EAP) 401K Retirement Savings Plan Direct Deposit & weekly epayroll Referral Bonus Programs Certification and training opportunities Yoh, a Day & Zimmermann company, is an Equal Opportunity Employer.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. For additional information about accommodations or privacy notice, refer to
Yoh Accessibility
and
Candidate Privacy Notice .
#J-18808-Ljbffr
12+ month contract (W2 ONLY, NO C-C) Austin, TX (Hybrid) Responsibilities
Lead the cleanup, hardening, and optimization of federation configurations (PingFederate, ForgeRock). Manage and remediate Active Directory group memberships, permissions, and delegation models to enforce least privilege. Design and implement Role-Based Access Control (RBAC) across enterprise systems. Support access recertification and identity posture improvement initiatives. Collaborate with red and blue teams to simulate identity-based attacks and enhance detection and response capabilities. Contribute to threat modeling and adversary simulation efforts targeting identity and access infrastructure. Implement and manage privilege controls using LAPS, GPOs, and local admin policy frameworks. Harden Windows servers and endpoints to reduce identity exploitation risk. Enforce Privileged Access Management (PAM) practices using CyberArk or equivalent tools. Identify and remediate misconfigurations that could lead to privilege escalation or lateral movement. Required Skills & Experience
5+ years of experience in IAM engineering or identity-focused security roles. Strong expertise in Active Directory, LDAP, and Group Policy management. Hands-on experience with federation technologies such as PingFederate, ForgeRock, or RSA. Proven ability to design and maintain RBAC and access governance frameworks. Deep understanding of Windows privilege management, GPOs, and PAM implementations (CyberArk, BeyondTrust). Familiarity with offensive security tools and techniques targeting Windows and identity systems. Working knowledge of MITRE ATT&CK identity-based tactics. Proficiency in PowerShell or Python for automation and analysis. Experience with Silverfort or other identity threat detection tools. Exposure to Endpoint Detection and Response (EDR) platforms. Relevant certifications such as CISSP, GIAC, or equivalent IAM/security credentials. Estimated Min Rate:
$52.50 Estimated Max Rate:
$80.00 Benefits
Medical, Prescription, Dental & Vision Benefits (for employees working 20+ hours per week) Health Savings Account (HSA) (for employees working 20+ hours per week) Life & Disability Insurance (for employees working 20+ hours per week) MetLife Voluntary Benefits Employee Assistance Program (EAP) 401K Retirement Savings Plan Direct Deposit & weekly epayroll Referral Bonus Programs Certification and training opportunities Yoh, a Day & Zimmermann company, is an Equal Opportunity Employer.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. For additional information about accommodations or privacy notice, refer to
Yoh Accessibility
and
Candidate Privacy Notice .
#J-18808-Ljbffr