Identity & Access Management (IAM) Engineer III

Summary
We are seeking a Senior Identity & Access Management (IAM) Engineer to design, implement, and manage enterprise identity solutions across on premises and cloud environments. This role will serve as a technical authority for IAM architecture, leading initiatives across Identity Governance & Administration (IGA), Privileged Access Management (PAM), Single Sign On (SSO), and Multi Factor Authentication (MFA), while ensuring secure, scalable, and compliant identity services. The ideal candidate combines deep, hands on engineering experience with strong architectural skills and can partner closely with security, infrastructure, cloud, and application teams.

Visa Sponsorship Available
No

Minimum Requirements
Combination of Education and Experience will be considered. Must be authorized to work in the US as defined by the Immigration Act of 1986. Must pass a Criminal Background Check.
Education:  Bachelor’s Degree in cybersecurity or Computer Science.
Certification: IAM or Cyber related certifications.
Years of Experience: Minimum seven (7) years of experience in related field.

Preferred Requirements
•    Strong hands on experience implementing and supporting IGA, PAM, SSO, MFA, and identity federation solutions.
•    Experience implementing Conditional Access, adaptive authentication, and Zero Trust identity controls.
•    Experience securing machine identities, service accounts, and workload identities.
•    Familiarity with Identity Threat Detection & Response (ITDR) concepts and tooling.
•    Strong understanding of Active Directory, LDAP, Kerberos, and enterprise directory services.
•    Experience designing and implementing enterprise IAM architectures.
•    Solid understanding of authentication and authorization protocols (SAML, OAuth 2.0, OpenID Connect, LDAP).
•    Experience managing cloud identity services (Azure AD / Entra ID, AWS IAM, GCP IAM).
•    Strong scripting or automation skills (PowerShell, Python, Bash, or similar).
•    Experience integrating IAM with SaaS, cloud, and custom applications.
•    Strong understanding of Zero Trust and identity centric security principles.
•    Ability to translate business requirements into secure technical solutions.
•    Experience with common IAM platforms (e.g., SailPoint, Saviynt, Okta, Ping, CyberArk, BeyondTrust, Delinea).
•    Experience supporting regulatory or compliance frameworks (SOX, PCI, HIPAA, SOC 2).
•    Cloud security or IAM related certifications (e.g., CISSP, CCSP, Microsoft Identity certifications, AWS Security).
•    Experience with access reviews, certification campaigns, segregation of duties (SoD), and audit remediation activities.
•    Experience with CI/CD pipelines and Infrastructure as Code (Terraform, ARM, CloudFormation).

Job Duties
•    Architect, engineer, and support enterprise IAM solutions across IGA, PAM, SSO, and MFA platforms.
•    Own and manage the organization’s identity architecture, including cloud and hybrid identity models.
•    Design and implement identity lifecycle management (joiner, mover, leaver) and access governance processes.
•    Lead onboarding and integration of applications into SSO, MFA, and IGA platforms.
•    Design and enforce role-based access control (RBAC) and least-privilege access models.
•    Implement and manage PAM solutions for privileged accounts, service accounts, and secrets management.
•    Manage cloud identity platforms (e.g., Azure AD / Entra ID, AWS IAM, GCP IAM) and their integrations.
•    Develop and maintain IAM standards, architecture diagrams, and technical documentation.
•    Serve as a subject matter expert for identity-related security incidents, audits, and compliance efforts.
•    Collaborate with application, cloud, infrastructure, and security teams to deliver secure identity solutions.
•    Mentor junior IAM engineers and contribute to IAM strategy and roadmap planning.
•    Evaluate IAM tools and technologies and recommend improvements or new capabilities.
•    Other duties as assigned. Architect, engineer, and support enterprise IAM solutions across IGA, PAM, SSO, and MFA platforms.
•    Ability to lead cross functional initiatives and influence identity security standards across the enterprise.
•    Experience integrating IAM platforms with SIEM, SOAR, and security monitoring solutions.
•    Experience using REST APIs and automation frameworks to integrate IAM systems.
•    Familiarity with Git based workflows and Agile delivery methodologies.
•    Own and manage the organization’s identity architecture, including cloud and hybrid identity models.
•    Experience managing hybrid identity environments, including Active Directory, Microsoft Entra ID, AWS IAM, and GCP IAM.
•    Design and implement identity lifecycle management (joiner, mover, leaver) and access governance processes.
•    Lead onboarding and integration of applications into SSO, MFA, and IGA platforms.
•    Design and enforce role based access control (RBAC) and least privilege access models.
•    Implement and manage PAM solutions for privileged accounts, service accounts, and secrets management.
•    Manage cloud identity platforms (e.g., Azure AD / Entra ID, AWS IAM, GCP IAM) and their integrations.
•    Develop and maintain IAM standards, architecture diagrams, and technical documentation.
•    Serve as a subject matter expert for identity related security incidents, audits, and compliance efforts.
•    Collaborate with application, cloud, infrastructure, and security teams to deliver secure identity solutions.
•    Mentor junior IAM engineers and contribute to IAM strategy and roadmap planning.
•    Evaluate IAM tools and technologies and recommend improvements or new capabilities.
•    Ensure any direct reports understand and apply our Customer Commitment and customer service standards to their daily responsibilities as appropriate.
•    Model Allegiant's customer service standards in personal actions and when providing leadership direction.
•    Other duties as assigned.

Physical Requirements
The Physical Demands and Work Environment described here are a representative of those that must be met by a Team Member to successfully perform the essential functions of the role. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of the role.

Office/IT - While performing the duties of this job, the Team Member is regularly required to stand, sit, talk, hear, see, reach, stoop, kneel, and use hands and fingers to operate a computer, key board, printer, and phone. May be required to lift, push, pull, or carry up to 50 lbs. May be required to work various shifts/days in a 24 hour situation. Regular attendance is a requirement of the role. Exposure to moderate noise (i.e. business office with computers, phones, printers, and foot traffic), temperature and light fluctuations. Ability to work in a confined area as well as the ability to sit at a computer terminal for an extended period of time. Some travel may be a requirement of the role.

Essential Services Provider
Allegiant as a national air carrier is deemed an essential service provider during declared national and state emergencies. Team Members will be required to report to their assigned trip or work location during national and state emergencies unless prohibited by local, state or federal order.

EEO Statement
We welcome all individuals from varied backgrounds and experiences to apply. Our company values the unique perspectives and talents that each person brings to our team.

Equal Opportunity Employer: Disability/Veteran
For more information, see https://allegiantair.jobs