IAM Architect Location: Remote (US or Canada)Role Overview We are seeking an experienced IAM Architect to lead the design and implementation of enterprise identity and access management solutions. This role will own architecture across Identity Governance (IGA), Access Management (AM), and Authentication platforms. Our environment is primarily SailPoint Identity Security Cloud (ISC), with significant use of Ping Identity solutions and Saviynt. The ideal candidate has experience designing across these platforms and can translate business, security, and compliance requirements into scalable IAM architectures. This is a hands-on architecture role — not strategy-only. Responsibilities - ​​​​​Define and lead enterprise IAM architecture strategy - Design and implement identity governance solutions (SailPoint ISC, Saviynt) - Design and support access management solutions (PingFederate, PingOne, SSO, MFA) - Architect lifecycle management, RBAC models, and access certification frameworks - Lead integration design for AD, Azure/Entra ID, HR systems, ERP platforms, and SaaS applications - Design SSO, federation (SAML, OIDC, OAuth), and MFA strategies - Ensure IAM solutions align with security, audit, and compliance requirements - Provide technical leadership to IAM engineers and implementation teams - Support cloud-first identity strategies and Zero Trust initiatives Required Experience - 8+ years in IAM / cybersecurity architecture - Strong experience with SailPoint (preferably ISC) - Experience with Ping Identity products (PingFederate, PingOne, MFA) - Experience with Saviynt or other IGA platforms - Deep understanding of IGA, SSO, federation, and access control models - Experience integrating IAM platforms with enterprise applications and cloud services - Knowledge of SAML, OAuth, OIDC, SCIM, and REST APIs Preferred - SailPoint ISC or Saviynt certifications - Ping Identity certifications - Experience in regulated industries - Experience leading IAM modernization or migration programs Why Simeio?: Simeio is a global managed services provider offering Identity and Access Management solutions delivered as a service and interoperable with leading IAM tools. With 700+ employees worldwide, Simeio secures over 160 million identities globally for large enterprises and government entities. Services and solutions from Simeio include Customer Identity & Access Management, Privileged Access Management, Identity Proofing, Access Management & Federation, Identity Governance & Administration, Application Onboarding, and Simeio Identity Orchestrator. The company has been recognized for its business and technical leadership and highly rated by Gartner, Forrester, and KuppingerCole, and was ranked by Great Places to Work®. For more information visit simeio.com ​​​​​​​ Simeio is an equal opportunity employer. If you require assistance with completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please direct your inquiries to any of the recruitment team at recruitment@simeio.com or +1 404-882-3700.

Role: IAM Architect - Saviynt Location: Remote (US or Canada)Role Overview We are seeking a hands-on Saviynt Architect with proven experience delivering multiple full lifecycle Saviynt IGA implementations. This role requires ownership of solution design, configuration, integrations, and deployment in complex enterprise environments. This is not a strategy-only role — the ideal candidate must be able to architect the solution and execute the build. Responsibilities - Lead end-to-end Saviynt implementations - Design scalable identity governance and access control models - Configure lifecycle management, access requests, certifications, and RBAC - Build and configure connectors for AD, Azure/Entra ID, SAP, Workday, and SaaS applications - Develop provisioning workflows, approval processes, and access policies - Configure SoD controls and compliance reporting - Translate business requirements into technical design documentation - Troubleshoot and optimize Saviynt configurations - Support go-live and post-implementation stabilization Required Experience - Architecture & hands-on Saviynt experience - Experience delivering at least 2 full Saviynt implementations - Strong understanding of Identity Governance and Administration (IGA) - Experience integrating Saviynt with AD, HR systems, ERP platforms, and SaaS applications - Experience with REST APIs and web service integrations - Strong SQL knowledge (Saviynt relies heavily on database configuration) Preferred - Saviynt certification - Experience with Saviynt EIC (Enterprise Identity Cloud) - Experience in regulated industries (Finance, Healthcare, etc.) - Scripting experience (PowerShell, Python) Why Simeio?: Simeio is a global managed services provider offering Identity and Access Management solutions delivered as a service and interoperable with leading IAM tools. With 700+ employees worldwide, Simeio secures over 160 million identities globally for large enterprises and government entities. Services and solutions from Simeio include Customer Identity & Access Management, Privileged Access Management, Identity Proofing, Access Management & Federation, Identity Governance & Administration, Application Onboarding, and Simeio Identity Orchestrator. The company has been recognized for its business and technical leadership and highly rated by Gartner, Forrester, and KuppingerCole, and was ranked by Great Places to Work®. For more information visit simeio.com Simeio is an equal opportunity employer. If you require assistance with completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please direct your inquiries to any of the recruitment team at recruitment@simeio.com or +1 404-882-3700.

Role: IAM Architect - Sailpoint Location: Remote - US Or CanadaRole Overview We are looking for a hands-on SailPoint Identity Security Cloud (ISC) Architect with proven experience delivering multiple full lifecycle ISC implementations. This person will lead design, configuration, integration, and deployment of SailPoint ISC in enterprise environments. This is not a strategy-only role — we need someone who can architect the solution and execute the build. Responsibilities - Lead end-to-end SailPoint ISC implementations - Design scalable identity governance and access models - Configure lifecycle management, access requests, certifications, and RBAC - Build and configure application integrations (AD, Azure/Entra ID, HR systems, SaaS apps) - Develop provisioning workflows and policies - Translate business requirements into technical design - Troubleshoot and optimize ISC configurations - Support go-live and post-implementation stabilization Required Experience - SailPoint ISC experience - Experience delivering at least 2 full SailPoint ISC implementations - Strong understanding of Identity Governance and Administration (IGA) - Experience integrating ISC with Active Directory, HR systems, and SaaS applications - Familiarity with REST APIs and cloud-based architectures Preferred - SailPoint ISC certification - Experience migrating from IdentityIQ to ISC - Scripting experience (PowerShell, Python) Why Simeio?: Simeio is a global managed services provider offering Identity and Access Management solutions delivered as a service and interoperable with leading IAM tools. With 700+ employees worldwide, Simeio secures over 160 million identities globally for large enterprises and government entities. Services and solutions from Simeio include Customer Identity & Access Management, Privileged Access Management, Identity Proofing, Access Management & Federation, Identity Governance & Administration, Application Onboarding, and Simeio Identity Orchestrator. The company has been recognized for its business and technical leadership and highly rated by Gartner, Forrester, and KuppingerCole, and was ranked by Great Places to Work®. For more information visit simeio.com Simeio is an equal opportunity employer. If you require assistance with completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please direct your inquiries to any of the recruitment team at recruitment@simeio.com or +1 404-882-3700.

Senior Splunk Engineer This position requires an active Public Trust clearance to be considered. A government contract requires that this position be restricted to U.S. citizens or legal permanent residents. You must provide documentation that you are a U.S. citizen or legal permanent resident to qualify. We are seeking a Senior Splunk Engineer to architect, build, and operate Splunk Enterprise and Enterprise Security (ES) across hybrid environments with a strong emphasis on AWS. You will own the Splunk platform end to end—ingest, CIM mapping, ES content, search and dashboard performance, SOAR automations, and ServiceNow IR integrations. You will drive detection, response, and reporting outcomes that meet FISMA/NIST RMF, FedRAMP, and CMMC requirements. You will implement robust governance, RBAC, change control, and audit-ready evidence. You will partner with SOC, IR, cloud, and platform teams to deliver measurable risk reduction and operational efficiency. Compensation & Benefits: Estimated starting salary range: $150,000- $165,000. Pay commensurate with experience. Full-time benefits include Medical, Dental, Vision, 401K, and other possible benefits. Benefits may change with or without notice. Senior Splunk Engineer Responsibilities Include: - Design, deploy, and maintain Splunk Enterprise, indexers, search heads (including SHC), cluster master/CM, deployment server/Deployer, forwarders, and KV stores across on‑prem and AWS. - Engineer scalable data onboarding pipelines, parsing, and indexing with props/transforms, HEC, UF/HF, and S3/SQS/SNS-based ingestion. - Enforce RBAC, data retention, index strategy, knowledge object governance, and change control aligned to federal compliance. - Optimize search performance, data model accelerations, KV store usage, and ES notable event throughput and latency. - Develop and tune ES correlation searches, risk-based alerting (RBA), and adaptive response actions mapped to MITRE ATT&CK. - Build dashboards, investigations, and notable event workflows that reduce false positives and drive analyst efficiency. - Maintain CIM-compliant data models; lead normalization and data quality initiatives across cloud, endpoint, identity, and network sources. - Measure and report detection and response efficacy (MTTR, precision/recall, RBA risk scores, SLA adherence). - Engineer Splunk SOAR (Phantom) playbooks and apps with secure, scalable configurations to triage, enrich, and contain threats. - Integrate ES notables with automated triage and ServiceNow IR for incident creation, enrichment, SLA tracking, approvals, and evidence attachments. - Build AWS-focused detection and response: GuardDuty, CloudTrail, Security Hub, VPC Flow Logs, IAM, EC2, S3; implement safe actions (e.g., EC2 isolation, S3 access updates, EBS snapshots, IAM key rotation/MFA enforcement, Security Hub updates) with human-in-the-loop approvals and rollback. - Integrate EDR and identity platforms for host containment, IOC blocking, and remote response via APIs. - Lead Splunk deployments in AWS including scalability, multi-account/multi-region ingestion, and cross-account automation via Boto3 and native services. - Standardize reusable Python modules, SDK usage, and CI/CD practices for app/deployment packaging and version control. - Map controls to FISMA/NIST RMF, FedRAMP, and CMMC; maintain audit-ready evidence through logging, approval trails, and configuration baselines. - Drive POA&M updates, control validations, and continuous monitoring dashboards. - Champion secrets management, least privilege, and safe-response guardrails in all platform and automation changes. - Translate SOC/IR runbooks (phishing, malware, IAM abuse, EC2 compromise) into reliable detections and automations. - Mentor junior engineers and analysts on SPL, ES content development, CIM, and SOAR playbooks. - Partner with stakeholders to prioritize use cases and deliver quantifiable outcomes. - Other duties as assigned. Experience, Education, Skills, Abilities - 7+ years in security engineering, SOC/IR, or platform engineering, including 4+ years designing and operating Splunk Enterprise and Splunk ES in production. - 3+ years hands-on with Splunk SOAR (Phantom) and automation of ES notables and ServiceNow IR workflows. - Strong AWS experience: GuardDuty, CloudTrail, Security Hub, IAM, EC2, S3, VPC Flow Logs; cross-account and multi-region preferred. - Proven ServiceNow Incident Response integration experience. - Proficiency in SPL, Python, AWS Boto3, Splunk/Phantom SDKs, REST APIs, and Git-based version control. - Deep knowledge of CIM, data model accelerations, index/retention strategy, and search performance tuning. - Strong grasp of MITRE ATT&CK, CVE/CVSS, CISA KEV, and risk-based detection and automation. - Experience aligning operations with FISMA/NIST RMF, FedRAMP, and CMMC; evidence generation and audit support. - Preferred: Splunk certifications (Core Certified Power User/Admin/Architect, ES Admin), AWS certifications, Security+, CySA+, CISSP, GCDA/GCSA. - Preferred: Experience with Splunk SHC, DS/Deployer, KVstore management, ES content management at scale, AWS Organizations, and ServiceNow IR customization/change management integrations. - Must pass pre-employment qualifications of Cherokee Federal. Company Information Criterion is a part of Cherokee Federal – the division of tribally owned federal contracting companies owned by Cherokee Nation Businesses. As a trusted partner for more than 60 federal clients, Cherokee Federal LLCs are focused on building a brighter future, solving complex challenges, and serving the government’s mission with compassion and heart. To learn more about Criterion, visit cherokee-federal.com. Cherokee Federal is a military friendly employer. Veterans and active military transitioning to civilian status are encouraged to apply. #LI-SM2 #Appc Similar Searchable Job Titles - Senior Splunk Engineer - Splunk ES Engineer - Senior Security Analytics Engineer - Security Automation Engineer - Security Orchestration Engineer Keywords - Splunk Enterprise - Splunk ES - Splunk SOAR - AWS - Security Analytics - Incident Response, - ServiceNow IR - CIM - RBA - Automation Legal Disclaimer: All qualified applicants will receive consideration for employment without regard to protected veteran status, disability or any other status protected under applicable federal, state or local law.