# IAM Senior Engineer

> Inbox Business Technologies · Riyadh, Saudi Arabia · Full-time · Posted 2026-07-09

**Workplace:** on_site

## Description

The Senior Identity & Access Management (IAM) Engineer is responsible for designing, implementing, and maintaining enterprise IAM solutions that ensure secure and seamless access to systems and data. This role involves leading technical initiatives, automating identity lifecycle processes, integrating applications, and enforcing security policies across the organization. The engineer collaborates with security, infrastructure, and application teams to ensure IAM aligns with business needs and zero‑trust security principle

### Responsibilities

**1\. IAM Architecture & Engineering**

-   Design and implement IAM architectures, including:

-   Identity lifecycle management
-   Authentication and authorization models
-   Access governance and role-based access control (RBAC/ABAC)
-   Privileged access management (PAM)

-   Implement Zero-Trust aligned identity controls.
-   Develop system integrations using APIs, SSO, federation (SAML, OAuth, OIDC), and SCIM provisioning.

**2\. Identity Lifecycle & Automation**

-   Automate joiner/mover/leaver (JML) workflows.
-   Build custom connectors, provisioning scripts, and automation pipelines using PowerShell, Windows Script
-   Optimize identity data flows between HR systems, directories, and applications.

**3\. Directory & Authentication Services**

-   Manage enterprise identity directories (e.g., Active Directory, Entra ID, LDAP).
-   Implement MFA, passwordless authentication, and adaptive access policies.
-   Troubleshoot authentication issues across protocols: Kerberos, LDAP, SAML, OAuth 2.0, OIDC.

**4\. Access Governance & Compliance**

-   Ensure adherence to access policies and regulatory requirements (ISO 27001, SOX, HIPAA, PCI, etc.).
-   Support access certifications/attestations.
-   Develop and maintain IAM standards, patterns, and playbooks.
-   Conduct periodic access reviews and risk analysis.

**5\. Privileged Access Management (PAM)**

-   Administer PAM platforms (CyberArk, BeyondTrust, Delinea, etc.).
-   Implement vaulting, credential rotation, session monitoring, and just‑in‑time access.
-   Reduce standing privileges and legacy admin accounts.

**6\. Application Integration**

-   Onboard applications for SSO and provisioning using SAML , OAuth, and SCIM
-   Work with developers and product teams to implement secure, modern identity patterns.

**7\. Incident Response & Troubleshooting**

-   Investigate and resolve IAM‑related security incidents.
-   Support SOC with identity‑specific detection, alerts, and forensics.
-   Perform root-cause analysis for identity access failures.

## Requirements

**Technical Skills**

-   Strong expertise in:

-   IAM platform(s): Okta, Azure AD/Entra ID, Ping, ForgeRock, SailPoint, etc.
-   Directory services (Active Directory, LDAP)
-   SSO/Federation (SAML, OIDC, OAuth)
-   SCIM provisioning

-   Experience with privileged access technologies.
-   Familiarity with Zero Trust principles.
-   Understanding of cloud platforms: Azure, AWS, or GCP.

**Soft Skills**

-   Strong problem-solving and analytical mindset.
-   Ability to communicate with both technical and non‑technical stakeholders.
-   Experience leading projects and delivering enterprise‑grade solutions.

## Apply

[Apply at Inbox Business Technologies](https://apply.workable.com/inbox-business-technologies/j/C56844A25D/apply)

---
Powered by [Workable](https://www.workable.com)
