Senior IAM Engineer (Contract-to-Hire)
Location: New York, NY (Hybrid)
Type: Contract-to-Hire
Industry: Financial Services / FinTech
Overview
We are seeking a Senior Identity & Access Management (IAM) Engineer to join a high-growth financial services organization based in New York. This is a contract-to-hire opportunity, ideal for an experienced IAM professional who enjoys building secure, scalable identity platforms in regulated environments.
You will play a key role in designing, implementing, and operating enterprise-grade IAM solutions that support secure access across cloud, on-prem, and third-party platforms, while meeting stringent regulatory and security requirements.
Key Responsibilities
• Design, implement, and maintain IAM architectures supporting employees, partners, and applications
• Lead integration of SSO, MFA, and federated identity solutions across enterprise systems
• Develop and manage RBAC / ABAC models and access lifecycle workflows (joiner, mover, leaver)
• Integrate IAM solutions with cloud platforms (AWS, Azure, GCP) and SaaS applications
• Implement and support identity governance and administration (IGA) controls
• Collaborate with Security, Compliance, and Audit teams to meet SOX, SOC 2, PCI, and regulatory requirements
• Automate access provisioning and de-provisioning using APIs, workflows, and scripting
• Support privileged access management (PAM) initiatives
• Troubleshoot complex authentication and authorization issues
• Provide technical leadership and mentorship to junior engineers
• Participate in security incident response related to identity and access
Required Qualifications
• 7+ years of experience in Identity & Access Management
• Strong hands-on experience with IAM platforms such as Okta, Azure AD / Entra ID, Ping Identity, ForgeRock, SailPoint, CyberArk (or similar)
• Deep knowledge of authentication and authorization protocols: SAML, OAuth 2.0, OpenID Connect, LDAP, SCIM
• Experience implementing MFA, conditional access, and zero-trust principles
• Solid scripting or automation skills (Python, PowerShell, Bash, or similar)
• Experience working in financial services or other highly regulated environments
• Strong understanding of security best practices and compliance requirements
• Excellent communication skills and ability to work cross-functionally
Nice to Have
• Experience with Privileged Access Management (PAM) tools
• Familiarity with policy-as-code or identity automation frameworks
• Experience supporting customer identity (CIAM) platforms
• Exposure to cloud-native security and DevSecOps practices
• Relevant certifications (Okta, Azure, CISSP, IAM-focused certs)