Job Information
Ensono Senior IAM Engineer in Princeton, New Jersey
Senior IAM EngineerPrinceton, NJJR013400
At Ensono, our Purpose is to be a relentless ally, disrupting the status quo and unleashing our clients to Do Great Things! We enable our clients to achieve key business outcomes that reshape how our world runs. As an expert technology adviser and managed service provider with cross-platform certifications, Ensono empowers our clients to keep up with continuous change and embrace innovation.
We can Do Great Things because we have great Associates. The Ensono Core Values unify our diverse talents and are woven into how we do business. These five traits are the key to achieving our purpose: Honesty, Reliability, Curiosity, Collaboration, and Passion.
About the role and what you’ll be doing:
The Senior IAM Engineer serves as a technical authority and trusted advisor, leading the design and delivery of Identity and Access Management (IAM) solutions in support of complex application migrations and enterprise security initiatives.
Operating within client governance frameworks, this role partners closely with client stakeholders, architects, and security leadership to define IAM strategies, establish integration standards, and guide implementation outcomes. The Senior IAM Engineer is accountable for the technical quality, security posture, and scalability of IAM solutions and provides leadership across the IAM lifecycle—from design and implementation through migration, testing, and operational readiness.
While this role remains hands-on, it extends beyond execution to include technical decision-making, architectural leadership, and mentorship, ensuring IAM solutions align with business objectives, regulatory requirements, and enterprise security standards.
KEY RESPONSIBILITIES
IAM Architecture & Design Leadership
Lead the design and implementation of IAM solutions across authentication, authorization, secrets management, identity governance, and privileged access domains
Define and maintain IAM reference architectures, integration patterns, and best practices aligned to enterprise standards
Provide technical recommendations and trade-off analysis balancing security, usability, scalability, and operational efficiency
Participate in architecture reviews and influence client IAM roadmaps and modernization strategies
Delivery Ownership & Execution
Own IAM outcomes for assigned programs and migrations, ensuring solutions meet security, compliance, and performance expectations
Lead IAM readiness activities for migrations and cutovers, including risk identification, mitigation planning, and execution support
Guide and execute IAM configuration and integrations for SSO, MFA, federation, PAM, and secrets management
Develop and enhance accelerators, automation, and self-service capabilities to improve delivery efficiency and consistency
Security, Risk & Compliance
Ensure IAM implementations align with enterprise security policies, regulatory requirements, and audit standards
Lead or coordinate IAM-related security testing, including authentication/authorization validation and vulnerability assessments
Identify IAM risks and proactively recommend remediation or improvement opportunities
Technical Leadership & Collaboration
Serve as a point of escalation for complex IAM issues and defect resolution
Mentor junior engineers and review IAM designs, configurations, and documentation
Collaborate with application teams, cloud engineers, security operations, and governance partners to drive successful IAM adoption
Document IAM architectures, configurations, and operational procedures for long-term sustainability
We want all new Associates to succeed in their roles at Ensono. That’s why we’ve outlined the job requirements below. To be considered for this role, it’s important that you meet all Required Qualifications. If you do not meet all of the Preferred Qualifications, we still encourage you to apply.
Required Qualifications:
7+ years of progressive experience in Identity and Access Management engineering, including leadership of complex IAM initiatives
Proven experience designing and implementing IAM solutions in large-scale, hybrid, or cloud environments
Demonstrated ability to act as a technical authority and advisor, influencing IAM decisions and standards
Hands-on expertise with enterprise IAM technologies, including:
Privileged Access Management (PAM)
CyberArk (Enterprise Password Vault, Privileged Session Manager, Central Credential Provider, Conjur)
HashiCorp Vault (secrets engines, policies, authentication methods, dynamic credentials)
Authentication / Identity Providers (IDP)
ForgeRock (Access Management, Identity Management, Directory Services, Identity Gateway)
RSA (SecurID Authentication Manager, MFA, Identity Governance & Lifecycle)
User Access & Entitlement Management
SailPoint (IdentityIQ, IdentityNow – access certifications, provisioning, role management)
ESF (Enterprise Security Framework – entitlement management and access controls)
Strong experience with authentication and federation protocols: SAML, OAuth 2.0, OpenID Connect, Kerberos
Advanced knowledge of Active Directory, LDAP, and identity integrations
Experience with cloud platforms (AWS, Azure) and cloud-native IAM services
Strong scripting and automation capabilities (PowerShell, Python, Terraform, or equivalent)
Excellent troubleshooting, analytical, and communication skills
Preferred Qualifications:
CyberArk Certified Defender or Delivery Engineer
HashiCorp Certified Vault Associate / Professional
ForgeRock Certified Engineer
SailPoint Certified IdentityIQ Engineer
RSA Certified Administrator
Experience in financial services or highly regulated industries
Why Ensono?
Ensono is a place to make better happen – for our clients and for your career. You can do great things through innovation or collaboration, by learning or volunteering, or to promote diversity and inclusion. You can do great things for your own health or for a healthier planet. Whatever it means to you to do great things we want Ensono to be the place you can do it.
We are a client-facing business, but we do encourage clients to allow us to work remotely most of the time so if you are not required to be on a client site, you can choose to work from home or in our Ensono office
Some of our benefits include:
Unlimited Paid Days Off
Three health plan options
401k with company match
Eligibility for dental, vision, short and long-term disability, life and AD&D coverage, and flexible spending accounts
Family Forming Benefit including fertility coverage and adoption/surrogacy reimbursement
Paid childbearing and paternal leave
Education Reimbursement, Student Loan Assistance or 529 College Funding
Sabbatical leave
Wellness program
Flexible work schedule
As of the date of this posting, a good faith estimate of the current pay scale for this role is $125,000 to $150,000 annually based on a full-time schedule. Please note that placement in the range may vary based on numerous factors including but not limited to skills, experience, internal equity, and business needs. In addition to base salary, other compensation programs, depending on eligibility, includean annual bonus plan based on company and individual performance and an equity grant under our Associate Equity Appreciation Program.
Ensono is an Equal Opportunity/Affirmative Action employer. We are committed to providing equal employment to our Associates and building a diverse and inclusive workforce. All qualified applicants will be considered without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, or other legally protected basis, in accordance with applicable law.
Pay transparency nondiscrimination statement/posting OFCCP’s pay transparency policy can be found onOFCCP’s website (https://www.dol.gov/sites/dolgov/files/OFCCP/pdf/pay-transp_%20English_formattedESQA508c.pdf) .
If you need accommodation at any point during the application or interview process, please let your recruiter know or email USTalentAcquisition@ensono.com .
JR013400