OneMain Financial Jobs

Home View All Jobs (2,089,023)
are. To learn more: <a href="https://plc.pearson.com">We are Pearson.</a></p><p>Pearson is an Equa
dations by emailing <a href="mailto:TalentExperienceGlobalTeam@grp.pearson.com"> TalentExperienceGlobalTeam@grp.pearson.com.</a></p><br><strong>Job: </strong>Engineering <br><strong>

Job Information

Pearson Security Engineer III in Bangalore, India

Security Engineer III (IAM / IGA Security Engineer)

Position Overview

We are seeking a highly skilled IAM / IGA Security Engineer to design, implement, and operate our enterprise Identity Governance and Administration (IGA) platform. This role plays a critical part in securing access to systems and data while enabling operational efficiency through automation, policy-driven governance, and scalable identity lifecycle management.

The ideal candidate has strong hands-on experience with IGA platforms—especially MidPoint (preferred) —and excels at designing identity solutions that balance security, compliance, and user experience . You will collaborate closely with Security, IT, HR, and business stakeholders to deliver a modern, resilient IAM ecosystem.

Key Responsibilities

IGA Platform Design & Engineering

  • Design, implement, and maintain Identity Governance & Administration (IGA) solutions using MidPoint or equivalent platforms (SailPoint, Saviynt, Omada)

  • Configure and customize IGA capabilities:

  • Identity lifecycle management (Joiner / Mover / Leaver)

  • Access requests and approvals

  • Role management and RBAC

  • Policy enforcement and access certifications

  • Build and optimize enterprise-grade identity models to support scale, performance, and resiliency

  • Lead platform upgrades, performance tuning, and continuous improvements

Identity Lifecycle & Access Governance

  • Design and automate end-to-end identity lifecycle workflows

  • Implement birthright access models based on role, department, and business needs

  • Build access request workflows that balance security, compliance, and usability

  • Implement and manage periodic access certification campaigns

  • Integrate and govern privileged access via PAM systems and elevated access workflows

  • Identify and remediate orphaned accounts, excessive privileges, and access risks

Integration & Automation

  • Develop and support integrations with:

  • Authoritative identity sources (HR systems)

  • Directories & IAM providers (Active Directory, Azure AD / Entra ID, Okta)

  • Cloud platforms (AWS IAM, Azure RBAC, GCP IAM)

  • SaaS and enterprise applications

  • Build custom extensions using:

  • Python, PowerShell, Groovy, or Java

  • REST and SOAP APIs

  • SCIM and event-driven provisioning

  • Design data mappings and transformations to reconcile identity data across systems

  • Implement monitoring, logging, and alerting for identity and provisioning events

Security, Compliance & Risk Management

  • Define and enforce:

  • Least-privilege access

  • Segregation of Duties (SoD)

  • Access policies and governance controls

  • Support compliance initiatives including:

  • SOX, SOC 2, ISO 27001, HIPAA, GDPR

  • Generate audit-ready reports on:

  • User access

  • Entitlements

  • Certifications

  • Policy violations

  • Maintain IAM documentation, architecture diagrams, and operational runbooks

Collaboration & Operational Support

  • Partner with HR, IT Operations, Security, and application teams

  • Serve as a technical advisor on:

  • IAM best practices

  • RBAC and least privilege

  • Zero Trust principles

  • Troubleshoot and resolve complex IAM issues

  • Support security incidents involving identity compromise or unauthorized access

  • Train IT teams and business owners on IAM tools and processes

Continuous Improvement & Strategy

  • Stay current with IAM trends and emerging technologies , including:

  • Passwordless authentication

  • FIDO2

  • Identity analytics

  • Decentralized identity

  • Measure and optimize IAM effectiveness via metrics and feedback

  • Evaluate new tools and contribute to the IAM technology roadmap

  • Influence enterprise IAM architecture and long-term strategy

Required Qualifications

Experience

  • 5+ years of hands-on Identity & Access Management experience

  • 3+ years working with IGA platforms

  • Proven experience with at least one major IGA solution:

  • MidPoint (preferred)

  • SailPoint (IdentityIQ / IdentityNow)

  • Saviynt

  • Omada

  • Strong experience with:

  • Identity lifecycle management

  • Access certifications

  • RBAC and role engineering

Technical Skills

  • IGA Platforms: Deep technical expertise in MidPoint or equivalent

  • Directories: Active Directory, Azure AD / Entra ID, LDAP

  • Protocols: SAML, OAuth 2.0, OIDC, SCIM

  • Automation & Scripting: Python, PowerShell, Groovy, Java

  • APIs & Integration: REST, SOAP, integration patterns

  • Cloud IAM: AWS IAM, Azure RBAC, GCP IAM

  • Databases: SQL and IAM data modeling

  • SSO & MFA: Okta, Ping, Azure AD, MFA technologies

Soft Skills

  • Strong communication skills — able to explain complex IAM topics to non-technical audiences

  • Collaborative mindset with cross-functional teams

  • Proven ability to drive IAM initiatives from design through production

  • Customer-focused approach to access management

  • Comfortable operating in fast-paced, evolving environments

Education & Certifications

  • Bachelor’s degree in Computer Science, IT, Cybersecurity, or equivalent experience

  • Preferred certifications:

  • CISSP

  • CIAM

  • CompTIA Security+ Vendor-specific IAM certifications (SailPoint, Saviynt, Microsoft)

Preferred / Nice-to-Have Qualifications

  • Hands-on experience implementing and operating MidPoint

  • Experience across multiple IGA platforms

  • Privileged Access Management (CyberArk, BeyondTrust, Delinea)

  • Identity analytics and access risk tooling

  • Infrastructure as Code (Terraform, Ansible)

  • DevSecOps / CI‑CD IAM integrations

  • Experience in highly regulated industries

  • Contributions to open-source IAM projects

  • Knowledge of emerging identity technologies (passwordless, decentralized identity)

Why This Role Matters

You will help secure the organization’s most critical assets by ensuring the right people have the right access at the right time —while reducing friction through automation and intelligent governance.

Who we are:

At Pearson, our purpose is simple: to help people realize the life they imagine through learning. We believe that every learning opportunity is a chance for a personal breakthrough. We are the world's lifelong learning company. For us, learning isn't just what we do. It's who we are. To learn more: We are Pearson.

Pearson is an Equal Opportunity Employer and a member of E-Verify. Employment decisions are based on qualifications, merit and business need. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, sexual orientation, gender identity, gender expression, age, national origin, protected veteran status, disability status or any other group protected by law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act.

If you are an individual with a disability and are unable or limited in your ability to use or access our career site as a result of your disability, you may request reasonable accommodations by emailing TalentExperienceGlobalTeam@grp.pearson.com.

Job: Engineering

Job Family: TECHNOLOGY

Organization: Corporate Strategy & Technology

Schedule: FULL_TIME

Workplace Type: Hybrid

Req ID: 23018

DirectEmployers