Identity and Access Management (IAM) Engineer

About Us We are a global climate technologies company engineered for sustainability. We create sustainable and efficient residential, commercial and industrial spaces through HVACR technologies. We protect temperature-sensitive goods throughout the cold chain. And we bring comfort to people globally. Best-in-class engineering, design and manufacturing combined with category-leading brands in compression, controls, software and monitoring solutions result in next-generation climate technology that is built for the needs of the world ahead. Whether you are a professional looking for a career change, an undergraduate student exploring your first opportunity, or recent graduate with an advanced degree, we have opportunities that will allow you to innovate, be challenged and make an impact. Join our team and start your journey today! The Identity and Access Management (IAM) Engineer is responsible for engineering, operating, and continuously improving the organization's enterprise identity platforms and access governance capabilities. This role focuses on platform ownership, architecture, and complex integrations across hybrid cloud and on-premises environments-not day-to-day access request fulfillment. The IAM Engineer plays a key role in strengthening the organization's security posture by designing scalable identity solutions, integrating IAM platforms with business systems, and driving IAM modernization initiatives in alignment with security, compliance, and business objectives. This role is not limited to Joiner/Mover/Leaver account administration. We are seeking an engineer with deep technical expertise in enterprise identity platforms such as Active Directory, Microsoft Entra ID (Azure AD), and SailPoint. As an IAM Engineer, You Will: Serve as a technical owner and subject matter expert for enterprise IAM platforms, including Active Directory, Microsoft Entra ID (Azure AD), and SailPoint IdentityNow/IdentityIQ. Design, implement, and maintain identity architectures, including authoritative sources, identity correlation, lifecycle orchestration, and access models. Engineer and support SailPoint capabilities such as connectors, aggregation, lifecycle workflows, access request policies, certifications, and governance controls. Design and manage authentication and authorization solutions, including SSO, federation, MFA, Conditional Access, and adaptive or contextual authentication. Troubleshoot complex, cross-platform identity issues involving directories, provisioning, federation, tokens, claims, and access policies. Partner with security, infrastructure, application, and compliance teams to deliver secure, scalable identity solutions. Lead or contribute to IAM transformation initiatives, platform upgrades, and technology evaluations. Provide technical guidance and mentorship to IAM operations or junior staff. Ensure IAM solutions align with internal security policies, audit requirements, and industry standards. Who You Are: You are a hands-on IAM engineer who enjoys working with enterprise-scale identity platforms and solving complex identity challenges. You understand how identity systems work beyond basic account provisioning and can translate business and security requirements into technical solutions. You collaborate effectively across teams and influence IAM strategy through technical expertise. Required Education, Experience & Skills: • 5+ years of hands-on experience engineering and operating enterprise IAM platforms in hybrid (cloud/on-prem) environments. • Deep technical experience engineering and operating enterprise identity platforms, with a strong focus on Active Directory and Microsoft Entra ID (Azure AD). • Active Directory (directory architecture, LDAP, trusts, service accounts, GPOs) • Microsoft Entra ID / Azure AD (Conditional Access, MFA, hybrid identity, app registrations) • Hands-on experience with an enterprise identity governance platform (e.g., SailPoint IdentityNow or IdentityIQ), including connectors, aggregation, and lifecycle workflows. • Strong understanding of IAM protocols and standards, including LDAP, SAML, OAuth 2.0, OpenID Connect, SCIM, and FIDO. • Hands-on scripting or automation experience using PowerShell and/or Python to support identity lifecycle management, integrations, and troubleshooting. • Experience designing and supporting SSO, federation, MFA, and access governance solutions. • Strong communication skills with the ability to convey complex identity concepts to both technical and non-technical audiences. • Bachelor's degree in Information Security, Computer Science, or a related field, or equivalent practical experience. Preferred Education, Experience & Skills: Deep experience designing and operating SailPoint IdentityNow or IdentityIQ, including lifecycle workflows, access modeling, and certifications Experience integrating SailPoint with HR systems and downstream applications SailPoint certifications (IdentityNow Engineer, IdentityIQ) Industry certification Apply tot his job Apply To this Job