IT IAM Engineer
Location
United States
Posted
1 day ago
Salary
$100K - $120K / year
Seniority
Mid Level
Job Description
IT IAM Engineer
Lumistry
Role Description The IT IAM Engineer acts as a business enabler, proactively identifying and building solutions that help the company scale securely. The role owns the day-to-day administration of Lumistry's identity, access, and endpoint infrastructure and serves as the technical escalation point above our managed service provider for IT support. This is a role for someone who is comfortable working autonomously and taking ownership of their work, with support from the team. We are looking for a candidate who enjoys pragmatic optimization: automate the repetitive work and remediate what matters. The role reports to the Senior Director of IT & Information Security. - Administer the corporate identity provider: SSO configuration, application integrations, directory hygiene, and authentication policy - Build and maintain SCIM provisioning and deprovisioning so that joining, moving, and leaving the company drives access automatically from the HR system of record - Develop zero-touch employee lifecycle from initial provisioning through teardown in disparate systems. - Design and operate privilege escalation workflows so elevated access is requested, approved, time-bound, and logged rather than standing - Manage the lifecycle of service, shared, and machine accounts, including ownership assignment, credential vaulting, and rotation - Administer the productivity and collaboration suites (Google Workspace, Microsoft 365), including organizational units, delegation, security settings, and license hygiene - Execute identity consolidation across legacy product domains, working toward a single directory of record - Manage business request intake and routing so that requests for access, software, and purchases are approved by the appropriate owners before fulfillment - Conduct recurring user-access reviews and SSO hygiene checks across the SaaS application estate, producing audit-ready evidence - Manage software and hardware assets, including inventory tracking, procurement support, and administration of the macOS and Windows fleet through MDM - Maintain endpoint security by enforcing patching, triaging endpoint security alerts and vulnerabilities, and driving remediation to completion - Serve as the escalation point for the outsourced helpdesk, resolving escalated tickets and identifying opportunities to automate recurring requests - Automate repetitive tasks by integrating and scripting across the IT and security toolchain to scale the team's impact as the company grows - Support SOC 2 and enterprise customer security reviews with access evidence, controls, and documentation - Other duties as assigned Qualifications - 5+ years of hands-on IT or identity experience in a production environment - Direct experience configuring an identity provider and SSO integrations (SAML/OIDC) - Experience building SCIM provisioning and deprovisioning against a real application estate - Experience with Mobile Device Management for macOS and Windows - Practical scripting ability (Python, PowerShell, or similar) and comfort working with application and directory APIs - Detail and process-oriented mindset with the willingness to be a generalist and dig into things you have not done before - Excellent written communication and an inclination to document your work - Ability to operate semi-autonomously, sorting immediate priorities out of the shifting needs of a growing company Preferred - Experience in a regulated space such as SOC 2, HIPAA, or PCI compliance environments - Experience with identity workflow and automation platforms - Experience consolidating identity across acquired or legacy products - Experience coordinating with a managed service provider - Prior experience at a SaaS company or startup - Experience in secure systems for healthcare or financial industries Compensation The salary range for this role is $100,000-120,000, commensurate with experience. Work Location This is a remote position for candidates based out of the U.S. Applicants must currently reside in and be legally authorized to work in the United States. We are currently unable to provide visa sponsorship or relocation assistance for this role. Diversity & Inclusion at Lumistry Lumistry is an equal opportunity employer dedicated to an inclusive workplace. We prohibit discrimination and harassment based on race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, pregnancy, or any other characteristic protected by law. This commitment applies to all aspects of employment, from recruiting and hiring to compensation and promotion. Our decisions are based solely on qualifications, merit, and current business needs. Accessibility We provide reasonable accommodations for qualified individuals with disabilities during the application and interview process. If you require assistance, please don't hesitate to reach out.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Offensive Security Engineer, Horizon3.ai NodeZero
Foresite CybersecurityTransform security from a barrier to a Catalyst
• Partner closely with internal Blue Teams, SOC Analysts, and client IT leaders to identify vulnerabilities, map attack paths, and validate remediations. • Configure, deploy, and manage the Horizon3.ai NodeZero platform across diverse multi-tenant client environments, covering internal, external, cloud, and hybrid infrastructures. • Schedule and execute continuous or on-demand autonomous penetration tests based on client risk profiles, compliance mandates, or zero-day threats. • Analyze complex NodeZero testing outputs to differentiate between theoretical vulnerabilities and actual, exploitable attack vectors. • Translate highly technical attack data into clear, risk-prioritized remediation strategies for client IT and security leaders. • Conduct strategic Quarterly Business Reviews (QBRs) to visually demonstrate client security posture improvements and measurable security outcomes over time.
Information System Security Manager – ISSM
Sabel Systems Technology Solutions, LLCProviding digital solutions for software, requirements, systems design, integration, and testing - digital engineering.
• Cyber Risk Assessments and Implement security protocols • Provide in-person and/or remote/hybrid technical security engineering solutions to meet customer’s cybersecurity requirements • Participate in change control boards as a voting member and Evaluate security impacts with design changes • Validate software integrity and acquisition • Develop appropriate policy in accordance with DoD regulations and industry best practices • Oversee security tool efficacy as dictated by the customer (i.e. ACAS, ESS, STIG, SIEM, Back-up/Restoral, ICAM) • Conduct vulnerability scans on a weekly basis in accordance with DAF TASKORDS and DoD regulations • Stay updated with the latest DoD regulations, emerging cybersecurity trends • Develop and implement custom detection techniques to identify new and emerging threats • Report findings to stakeholders and assist in the creation of actionable security recommendations • Collaborate with SOC analysts and incident response teams to investigate, remediate, and escalate security incidents • On-call and/or evening or weekend hours may be required, as needed, for emergent issues • SCA and ATO engagement and eMass package creation and management • Up to 10% domestic travel could be required
• Advise our clients in developing, implementing and reviewing security concepts in a (partially) project-leading capacity • Conduct IT risk analyses and implement and develop security standards and processes • Proactively identify client needs: document, review and evaluate processes • Design goal-oriented, tailored solutions together with our clients, speaking “their language” • Support the implementation and ongoing development of the ISMS at our clients • Improve risk posture and information security by initiating, coordinating and monitoring recommended measures — your hands-on mentality is in demand with our clients
• Advise our clients on developing, implementing and reviewing security concepts in a (partly) project-leading capacity • Perform IT risk analyses as well as implement and develop security standards and processes • Proactively identify client needs: document, assess and evaluate processes • Design goal-oriented, customized solutions together with our clients, speaking “their language” • Support the implementation and ongoing development of clients' ISMS • Improve the risk posture/information security by initiating, coordinating and monitoring recommended measures — your hands-on mentality is in demand with our clients



