Identity and Access Management (IAM) Engineer jobs in United States
cer-icon
Apply on Employer Site
company-logo

Universal Music Group · 2 months ago

Identity and Access Management (IAM) Engineer

positionNashville, TN
timeFull-time
remoteOnsite
senioritySenior Level
money$121K/yr - $145K/yr
date5+ years exp

Universal Music Group is the world’s leading music company, committed to artistry, innovation, and entrepreneurship. They are seeking an IAM Engineer to join their global Tech Security team, focusing on engineering, automation, and optimization of identity services across various IAM solutions.

Audio Recording and ProductionMedia and EntertainmentMusicPublishing
check
H1B Sponsor Likelynote

Responsibilities

Engineer, deploy, and maintain IAM tools across the enterprise including CyberArk, Ping DaVinci, Microsoft EntraID (formerly Azure AD), HashiCorp Vault, Digicert, and Saviynt
Lead and support the implementation and enhancement of IAM services including: - SSO/Federation (SAML, OIDC, WS-Fed) - MFA/Passwordless - Privileged Access Management (PAM) - Identity Governance (IGA) - PKI and certificate lifecycle automation - Directory services (AD, EntraID)
Build automation scripts and integrations for IAM workflows using tools such as PowerShell, Python, or Terraform
Design and implement access controls and policies that align with security and compliance standards (SOX, GDPR, etc.)
Evaluate and deploy AI-powered tools and methodologies to improve identity lifecycle efficiency, risk detection, and operational decision-making
Participate in lifecycle management processes for accounts, credentials, roles, and policies across systems and applications
Collaborate with InfoSec, Infrastructure, and App teams to ensure secure identity architecture for on-prem and cloud environments
Maintain high-quality documentation and architectural diagrams
Monitor and report metrics on IAM system performance, adoption, and audit readiness

Qualification

IAM engineeringCyberArkMicrosoft EntraIDIdentity GovernanceAutomation scriptingIAM protocolsCloud platformsCompliance frameworksTroubleshootingAI/ML integrationDocumentationCommunication skillsGlobal team collaboration

Required

5+ years of hands-on experience in IAM engineering roles
Deep technical expertise in one or more of the following: CyberArk, Ping Identity, Microsoft EntraID, Saviynt, HashiCorp Vault, Digicert, Onfido
Solid understanding of IAM protocols and standards: SAML, OIDC, OAuth2, LDAP, Kerberos, SCIM, JIT
Experience with automation tools and scripting (e.g., PowerShell, Python, Terraform)
Familiarity with cloud platforms (Azure, AWS, GCP) and IAM integrations
Strong understanding of IAM-related compliance frameworks and controls (e.g., SOX, ISO 27001, NIST)
Proven ability to work independently and cross-functionally in a global team
Strong troubleshooting, documentation, and communication skills

Preferred

Bachelor's Degree in Computer Science, Engineering, or a related technical field
Professional certifications such as: CISSP, Security+, Microsoft Certified: Identity and Access Administrator, CyberArk Defender, Ping Identity Certified Professional
Experience with AI/ML integration into IAM workflows or security analytics
Experience supporting IAM functions in media or entertainment industry environments
Experience working on a global team covering multiple timezones

Benefits

Comprehensive medical, dental, vision, and FSA options, as well as:
+ 100% coverage for out-patient mental health services
+ Wellbeing reimbursements for fitness classes, spa treatments, meal services, travel, and so much more (up to $720/year)
+ A lifetime fertility support allowance of $30,000 to plan participants
+ Student Loan Repayment Assistance and Tuition Reimbursement
+ 100% immediately vested 401(k) match on the first 5% of your contribution on eligible compensation
Variety of ways to prioritize much-needed time away from work including:
+ Flexible Paid Time Off (PTO) for exempt employees
+ 3-weeks PTO for non-exempt employees
+ 2-weeks paid Winter Break
+ 10 Company Holidays (including Juneteenth and Wellbeing Day)
+ Summer Fridays (between Memorial Day and Labor Day)
+ Generous paid parental leave for every type of parent

Company

Universal Music Group

twittertwittertwitter
Glassdoor3.8
company-logo
Universal Music Group is a music-based entertainment company that offers music recording, publishing, and merchandising services worldwide. It is a sub-organization of Leviy Publishing.
dateFounded in 1934
location
New York, New York, USA
people-size10001+ employees
web-link
https://www.universalmusic.com

H1B Sponsorship

Universal Music Group has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (19)
2024 (24)
2023 (14)
2022 (22)
2021 (18)
2020 (19)

Funding

Current Stage
Public Company
Total Funding
$8.65B
Key Investors
William AckmanTencent
2023-06-06Post Ipo Debt· $802.31M
2021-09-21IPO
2021-06-21Secondary Market· $4.17B

Leadership Team

leader-logo
Devraj Sanyal
Chairman & CEO, Universal Music Group, India & South Asia; SVP Strategy "AMEA"
linkedin
leader-logo
Timothy Xu
Chairman and CEO

Recent News

Billboard
Executive Turntable: HYBE America Names Comms Head — Plus, WME Touring Veteran Bounces to CAA
2026-01-11
AP News
Judge dismisses Salt-N-Pepa’s lawsuit to reclaim master recordings from Universal Music Group
2026-01-11
Digital Music News
Latest Music Industry Hires: Target Center, Legends Global, Invisible Art, Catch Point, AFM Local 47, Copyright Alliance, More
2026-01-11
Company data provided by crunchbase