Xfinity
Comcast Cybersecurity: Principal IAM Engineer (SailPoint)
Xfinity, Mount Laurel, New Jersey, United States
Job Summary
The IAM Principal Engineer is responsible for driving the development, maintenance, and continuous improvement of the identity and access management program for the myComcastAccess service. This role actively manages day‑to‑day engineering, support, and maintenance activities across all IAM technologies, ensuring operational excellence and system reliability. As a subject‑matter expert, the engineer develops custom solutions on identity management, privileged access management, and broader information security best practices, collaborating across technology domains to uphold enterprise security standards.
What You’ll Do:
Apply expertise in SailPoint IdentityIQ and Radiant One FID / Global Sync to enhance and expand the enterprise IAM platform.
Collaborate with Agile teams to design, build, test, and support scalable IAM solutions that meet foundational enterprise needs.
Contribute innovative and efficient configuration and coding solutions in SailPoint IdentityIQ and Radiant One FID environments.
Engineer cost‑effective technical solutions leveraging Radiant One FID and Global Sync to address business challenges and streamline identity and access processes.
Develop tactical and strategic IAM solutions aligned with evolving business requirements.
Partner with stakeholders to gather and validate requirements, ensuring delivered solutions meet expectations.
Participate in project teams to design new system capabilities, including proof‑of‑concept implementations, and present their functionality.
Deploy and manage Radiant One FID in Kubernetes environments using Helm charts for scalable, reproducible, reliable containerized deployments.
Support the end‑to‑end testing lifecycle for system changes, including integrations with Radiant One FID / Global Sync.
Create proactive capacity forecasts to prevent outages and ensure system reliability.
Establish and maintain processes and procedures that uphold high standards of availability, security, and quality in managed IAM environments.
Leverage Radiant One FID for advanced identity aggregation from multiple directories and cloud sources into a unified virtual directory.
Implement scalable multi-domain identity solutions with Radiant One FID, improving cross‑system interoperability and accelerating enterprise onboarding/offboarding processes.
Manage a small team of specialized developers, overseeing daily activities, mentoring, and providing technical and strategic guidance.
Required Skills
Over 10 years of experience implementing SailPoint IdentityIQ.
More than 5 years of experience designing, architecting, and maintaining Radiant Logic Virtual Directory Service (VDS), including Federated Identity Management (FIM) and Identity Correlation and Synchronization (ICS).
Skilled in integrating data sources and applications into VDS, configuring data access views and permissions, and performing identity correlation and synchronization.
Strong knowledge of LDAP, Active Directory services, Multi‑Factor Authentication (MFA), risk‑based authentication, and privileged access management.
Deep understanding of IAM across authentication, authorization, endpoint security, network security, and policy engines.
Technical expertise with Microsoft MFA, SailPoint, CyberArk, ForgeRock, Okta, Ping Identity, Azure Active Directory, AWS, Google Cloud Platform, Microsoft Azure, and cross‑domain IDM integrations.
Solid grasp of cloud identity concepts and hands‑on experience with Azure AD and other cloud environments.
3–5+ years of experience developing workflows, forms, connector configurations, provisioning policies, and rules within SailPoint IdentityIQ.
Quick learner, collaborative, and adept at capturing and implementing business system requirements.
Proficient in source control and development tools such as GitHub and Eclipse.
Strong problem‑solving skills with clear communication of solutions and progress.
Experimental mindset with a drive for innovation.
Creative thinker with a passion for solving complex problems.
Programming experience with BeanShell, JavaScript, Java, SQL, Oracle, Python, etc.
Experience developing web‑based applications and integrating web services using REST APIs and JSON.
Experience working with RDBMS databases and writing SQL queries.
Excellent oral and written communication skills.
Strong focus on customer experience and satisfaction.
Effective communicator with strong liaison skills across all organizational levels.
Performs well under pressure and consistently delivers high‑quality, compliant solutions.
Education & Certifications
Required: Bachelor’s degree in Computer Science, Computer Engineering, or a related technical discipline.
Preferred certifications: CISSP, CISM/CISA, SailPoint IdentityIQ Architect.
Relevant Work Experience
10+ years of experience in IAM and identity management.
Compensation
Primary Location Pay Range: $142,361.11 – $213,541.67. Compensation is based on experience and other factors. Benefits include health, dental, vision, retirement, and additional programs as outlined on our careers site.
Application Window
The application window is 30 days from the date the job is posted, unless the number of applicants requires it to close sooner or later.
Equal Employment Opportunity
Comcast is an equal opportunity workplace. We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information, or any other basis protected by applicable law.