Applied IAM
    ← Back to all

    IAM Engineer

    Location: Remote/Hybrid

    Overview

    At Applied IAM, we treat identity as the control plane for modern security. As an IAM Engineer, you’ll contribute to client delivery work that improves visibility and reduces risk—supporting identity governance, access controls, and integrations while building practical, job-ready engineering skills.

    Core responsibilities

    • Work with the Applied IAM team to identify critical identity signals (SSO/MFA, privileged access, service accounts) and define what “good logging” looks like
    • Onboard and validate telemetry from identity and access platforms (IdP/IGA/PAM), plus supporting cloud and endpoint sources, to improve investigation readiness
    • Build and tune detections focused on identity risk (anomalous sign-ins, MFA abuse, privilege escalation, excessive entitlements, and service-account misuse)
    • Create lightweight dashboards and recurring summaries that help clients understand identity security posture and trends
    • Enrich alerts using APIs and automation (Python/PowerShell) to add context like user attributes, group membership, roles, device details, and recent changes
    • Support investigations by collecting timelines, preserving evidence, and drafting clear incident notes and recommended next steps
    • Assist with security checks (vulnerability scans and configuration reviews) and track remediation items to closure with engineering teams
    • Help validate IAM controls (MFA/conditional access, least privilege, privileged workflows) and document improvement opportunities
    • Contribute to internal runbooks and knowledge base articles so common response tasks are consistent and repeatable

    Minimum qualifications

    • Bachelor’s or Master’s degree (in progress or recently completed) in Computer Science, Cybersecurity, Engineering, or a closely related field
    • Strong fundamentals in networking and systems (TCP/IP, DNS, Windows/Linux basics) and a working understanding of authentication
    • Interest in identity security and access controls (SSO, MFA, least privilege, privileged access)
    • Basic understanding of REST APIs (HTTP methods, JSON, and token-based authentication) and comfort using tools like Postman/cURL
    • Comfort reading and interpreting logs (sign-in events, admin actions, audit trails) and documenting what you find
    • Basic cloud familiarity (AWS/Azure/GCP) and willingness to learn how identity and access work in cloud environments
    • Ability to automate small tasks or data pulls using Python or PowerShell
    • Clear written communication and comfort collaborating in a client-facing team
    • Authorization to work in the United States

    Preferred qualifications

    • Exposure to IAM platforms and workflows (SailPoint, CyberArk, Okta, Saviynt) through coursework, labs, or projects
    • Familiarity with identity standards and protocols (SAML, OIDC/OAuth2, SCIM) and how they show up in logs
    • Hands-on SailPoint implementation skills (Java/BeanShell, XML, SQL; JavaScript is a plus) or a comparable IGA scripting background
    • Experience building small integrations or automations using APIs (data pulls, enrichment, simple connectors)
    • Understanding of common identity attack paths (credential stuffing, token theft, MFA fatigue, privilege escalation) and where to detect them
    • Evidence of practical work (home lab, GitHub projects, write-ups, dashboards, scripts, or detection experiments)
    • Comfort using Git/GitHub for collaboration and documentation

    What you’ll get

    Compensation

    Competitive compensation aligned to the role and location

    Flexible setup

    A schedule and work style that supports outcomes

    Growth & feedback

    Regular guidance and practical learning

    Apply Now

    Fill out the form and attach your resume to apply for this position.

    No file chosen

    Accepted file types: pdf, docx, doc. Max. file size: 4 MB.

    By submitting this form, you agree to our privacy policy and terms of service.