TalentAlly

Lead Consultant (Identity Access Management Engineer)

TalentAlly, Glen Allen, Virginia, United States, 23060

Apex Systems is a leading global technology services firm that incorporates industry insights and experience to deliver solutions that fulfill our clients' digital visions. We provide a continuum of services, including strategy and enablement, innovation and productivity, and technology foundations to drive better results and bring more value to our clients. Apex transforms our customers with modern enterprise solutions tailored to the industries we serve. Apex has a presence in over 70 markets across North America, Europe, and India. Apex is a part of the Commercial Segment of ASGN Incorporated (NYSE: ASGN). To learn more, visit www.apexsystems.com.

Job Description

Apex Systems is seeking a seasoned Identity & Access Management (IAM) Engineer to join our cybersecurity consulting practice. This role offers the opportunity to collaborate on enterprise identity initiatives across diverse Fortune 500 clients. You will design comprehensive IAM solutions and implement emerging Zero Trust technologies. As both a technical engineer and strategic advisor, you will collaborate with client stakeholders to design and implement identity programs and tools that align with business objectives and regulatory requirements.

As a Lead IAM Consultant, you will lead cross‑functional project teams, mentor junior engineers, and provide technical expertise for Apex's sales initiatives. This position provides exposure to innovative identity technologies and complex technical challenges across multiple industries. The ideal candidate combines deep technical expertise in enterprise identity platforms with strong consulting skills and a passion for solving complex security challenges.

RESPONSIBILITIES

Architect end‑to‑end identity projects, including requirements gathering, solution design, development, implementation, testing, and deployment with primary focus on identity platforms (e.g., SailPoint IdentityNow, Security Cloud/IdentityIQ, and Saviynt).

Design and configure comprehensive identity governance and administration (IGA) processes including access request workflows, automated provisioning/de‑provisioning, role management, access certification campaigns, and policy enforcement.

Configure and customize identity infrastructure and environments, develop custom connectors and APIs, integrate with cloud platforms (Azure, AWS), identity providers (Microsoft Entra, Okta), PAM solutions (CyberArk), and establish connectivity with enterprise applications and authoritative sources.

Lead assessments of existing identity infrastructure, identify security gaps and vulnerabilities, and recommend strategies aligned with business objectives and regulatory requirements.

Lead cross‑functional teams, including security, IT operations, and application teams, to ensure seamless integration of identity solutions and translate business requirements into technical implementations.

Develop detailed implementation guides, configuration documentation, test plans, runbooks, and establish metrics that provide visibility into identity ecosystem performance and efficiency.

Support technical aspects of pre‑sales activities, assist with solution scoping, and contribute technical expertise to proposal development and client presentations.

Provide guidance and mentorship to junior team members and stay updated on emerging trends and technologies in the identity space.

JOB REQUIREMENTS

6+ years of experience in enterprise identity and access management with demonstrated expertise in access governance, identity lifecycle management, and compliance frameworks.

Direct experience with IGA platforms such as SailPoint Identity Security Cloud/IdentityIQ or Saviynt, including design, configuration, and customization of workflows, rules, and connectors.

Experience integrating or configuring identity providers such as Microsoft Entra, Okta, or similar solutions in enterprise environments.

Integration experience with privileged access management (PAM) tools such as CyberArk, HashiCorp Vault, or Delinea.

Direct experience with cloud identity services and APIs in Azure, AWS, or Google Cloud Platform environments.

Experience with authentication technologies and protocols including SSO, SAML, OIDC, OAuth, LDAP, and SCIM implementations.

Proven history of developing governance documentation, technical procedures, and compliance artifacts with consideration of security controls and regulatory frameworks.

Experience collaborating with cross‑functional teams to gather requirements, assess system impacts, and ensure successful identity platform deployments.

Strong background in developing and implementing role‑based access control (RBAC) models, access policies, and separation of duties (SoD) frameworks.

Experience working with technical teams and contributing to project deliverables with ability to communicate effectively with both technical and non‑technical stakeholders.

SailPoint Professional certification strongly preferred; other certifications (Saviynt, Microsoft Entra, CyberArk, Okta) preferred.

Deep understanding of identity principles, concepts, and best practices including access control, authentication, credential verification, machine identity, and provisioning.

Strong knowledge of authentication technologies, standards, and protocols such as SSO, OIDC, SAML, LDAP, OAuth, and SCIM.

Experience with SailPoint configuration—including connector development and customization (JDBC, LDAP, Active Directory, cloud connectors) and application onboarding processes.

Experience with rule writing (identity, correlation, transformation) and workflow design for approval processes and provisioning.

Experience with programming languages such as Python, PowerShell, or BeanShell and database technologies (Oracle, MSSQL, MySQL) for connector development and data integration.

Proficiency with API integration (REST/SOAP) and data transformation and mapping between systems.

Experience with various integration methods including flat files and database connectivity for onboarding authoritative sources and applications.

Ability to lead identity infrastructure assessments, gap analyses, and strategic planning initiatives with increasing responsibility based on experience level.

Excellent written and verbal communication skills with demonstrated ability to clearly explain technical concepts to non‑technical audiences.

Strong critical thinking skills with ability to analyze complex issues and implement effective solutions.

Highly motivated, consultative, problem‑solving mindset with ability to influence others, build relationships, and manage conflicts.

OUR COMPREHENSIVE BENEFITS

Competitive Salary

Health, Dental and Vision Insurance

Health Savings Accounts (HSA) with Employer Contribution

Flexible Spending Accounts

Long and Short‑Term Disability

Life Insurance

Voluntary Benefits

Employee Assistance Program

Paid Parental Leave

Wellness Incentives

Vacation and Holiday Pay

401(k) Retirement Plan with Employer Match

Employee Stock Purchase

Training and Advancement Opportunities

Tuition Reimbursement

Birthdays Off

Philanthropic Opportunities

Referral Program

Partial Gym Membership Paid

Team Building Events

Discount Programs

Equal Opportunity Employer

Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law.

If you require an accommodation in using our website for a search or application, please contact Apex Systems at [email protected].

Seniority Level: Mid‑Senior level. Employment Type: Full‑time. Job Function: Technology, Information and Media.
