Comcast Cybersecurity: Principal IAM Engineer (SailPoint)

Make your mark at Comcast -- a Fortune 30 global media and technology company. From the connectivity and platforms we provide, to the content and experiences we create, we reach hundreds of millions of customers, viewers, and guests worldwide. Become part of our award-winning technology team that turns big ideas into cutting-edge products, platforms, and solutions that our customers love. We create space to innovate, and we recognize, reward, and invest in your ideas, while ensuring you can proudly bring your authentic self to the workplace. Join us. You'll do the best work of your career right here at Comcast. (In most cases, Comcast prefers to have employees on-site collaborating unless the team has been designated as virtual due to the nature of their work. If a position is listed with both office locations and virtual offerings, Comcast may be willing to consider candidates who live greater than 100 miles from the office for the remote option.)
Job Summary
The IAM Principal Engineer is responsible for driving the development, maintenance, and continuous improvement of the identity and access management program, delivering secure and scalable access solutions for myComcastAccess service. This role actively manages day-to-day engineering, support, and maintenance activities across all IAM technologies, ensuring operational excellence and system reliability. As a subject matter expert, the engineer develops custom solutions on identity management, privileged access management, and broader information security best practices, collaborating across technology domains to uphold enterprise security standards.
Job Description
About the Role
We're hiring a Principal Engineer to architect, build, and operate enterprise IAM at scale. You'll anchor our SailPoint IdentityIQ platform , lead hands-on engineering, and mentor a small team of specialized developers. This is a builder's role - deep technical work paired with development ownership.
What You'll Do

• Own and advance the SailPoint IdentityIQ platform - workflows, rules, connectors, provisioning policies, and forms.
• Architect and develop scalable IAM solutions across identity federation, directory services, and multi-source synchronization.
• Design and deliver automation and access governance for enterprise needs.
• Integrate IAM with the broader security stack - MFA, PAM, AD/LDAP, and cloud identity providers.
• Mentor a small team of engineers; provide technical and strategic guidance to ensure successful delivery.
• Lead POCs, capacity planning, and end-to-end testing for new system capabilities and integrations.

Must-Have Qualifications

• 10+ years in IAM engineering, with deep, hands-on SailPoint IdentityIQ expertise (config + code).
• Strong IAM architecture fundamentals: authentication, authorization, federation, and lifecycle (JML).
• Solid working knowledge of LDAP, Active Directory, MFA, and Privileged Access Management (PAM).
• Programming proficiency in Java and BeanShell, plus SQL / RDBMS.
• Bachelor's in Computer Science, Computer Engineering, or a related technical field.

Preferred Qualifications

• Radiant Logic (RadiantOne FID / VDS, Global Sync) - virtual directory, Federated Identity Management (FIM), identity correlation & synchronization.
• Experience with one or more of: Okta, Ping, ForgeRock, CyberArk, Microsoft Entra ID / Azure AD.
• Cloud identity on Azure, AWS, or GCP; Kubernetes / Helm deployment experience.
• Web services development (REST APIs, JSON).

Comcast is an equal opportunity workplace. We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information, or any other basis protected by applicable law.
Skills:
SailPoint IdentityIQ; Core Java; Architecture Development; Identity Access Management (IAM)
Salary:
Primary Location Pay Range: $142,361.11 - $213,541.67
Comcast intends to offer the selected candidate base pay within this range, dependent on job-related, non-discriminatory factors such as experience. The application window is 30 days from the date job is posted, unless the number of applicants requires it to close sooner or later.
Base pay is one part of the Total Rewards that Comcast provides to compensate and recognize employees for their work. Most sales positions are eligible for a Commission under the terms of an applicable plan, while most non-sales positions are eligible for a Bonus. Additionally, Comcast provides best-in-class Benefits to eligible employees. We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. That's why we provide an array of options, expert guidance and always-on tools, that are personalized to meet the needs of your reality - to help support you physically, financially and emotionally through the big milestones and in your everyday life. Please visit the compensation and benefits summary on our careers site for more details.
Education
Bachelor's Degree
While possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience.
Relevant Work Experience
10 Years +