Identity and Access Management (IAM) Engineer jobs in United States
cer-icon
Apply on Employer Site
company-logo

Xcel Engineering · 3 days ago

Identity and Access Management (IAM) Engineer

positionOak Ridge, TN
timeFull-time
remoteOnsite
senioritySenior Level
date5+ years exp

XCEL Engineering, Inc. is an award-winning small business providing IT and engineering solutions to federal agencies. They are seeking a qualified IAM professional to engineer and administer SailPoint IdentityIQ and advance their Zero Trust architecture, focusing on automation, access governance, and compliance.

Information Technology & Services
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Engineer/administer SailPoint (IIQ/IDN): configuration, workflows, rules/policies, testing, deployment, maintenance
Onboard applications: connectors for EntraID, SaaS, onprem , DBs, directories (AD/LDAP), and HRIS (Workday/SuccessFactors)
Automate JML: provisioning/deprovisioning, birthright/role-based access, movers entitlements
Access governance: entitlements, group management, SOD policies, certification campaigns
Role engineering: business/technical roles aligned to least privilege
Platform ops: patching, upgrades, performance tuning, troubleshooting
Customization: rules/workflows/tasks (Java/Beanshell for IIQ), UI config, reporting, dashboards
Implement identity-first controls: MFA, PKI, conditional access, adaptive/risk-based auth
Integrate with CASB and endpoint posture signals
Align with Zero Trust principles (least privilege, continuous verification)
Build APIs/scripts (PowerShell, Python) for IAM workflows
Support CI/CD for IAM configs and environment promotion
Maintain audit evidence; enforce SOD; reduce identity risk through metrics

Qualification

SailPoint IdentityIQZero Trust architectureIAM/IGA experienceScripting PowerShellScripting PythonIdentity protocols (OIDC/OAuth2/SAML)AD/LDAPRole engineeringAccess governanceAudit complianceMFA implementationAPI integrationSailPoint certificationsServiceNow experience

Required

United States citizen with the ability to obtain a security clearance
Bachelor's degree in Information Technology, IT Operations Management, or a related field
5-8+ years IAM/IGA, 2-4+ years SailPoint engineering/admin (IIQ)
Strong grasp of Zero Trust; identity protocols (OIDC/OAuth2/SAML); AD/LDAP
Scripting: PowerShell, Python; Java/Beanshell (IIQ); REST APIs

Preferred

SailPoint certifications; SC300; CISSP; AZ500
Experience with Entra ID/Ping, CASB, ServiceNow

Company

Xcel Engineering

twitter
company-logo
XCEL Engineering, Inc.
dateFounded in 1971
location
Oak Ridge, Tennessee, US
people-size51-200 employees
web-link
https://www.xceleng.com

Funding

Current Stage
Growth Stage
Company data provided by crunchbase