Senior Identity and Access Management (IAM) Engineer

Guardant Health is a leading precision oncology company focused on helping conquer cancer globally through use of its proprietary tests, vast data sets and advanced analytics. The Guardant Health oncology platform leverages capabilities to drive commercial adoption, improve patient clinical outcomes and lower healthcare costs across all stages of the cancer care continuum. Guardant Health has commercially launched Guardant360®, Guardant360 CDx, Guardant360 TissueNext™, Guardant360 Response™, and GuardantOMNI® tests for advanced stage cancer patients, and Guardant Reveal™ for early-stage cancer patients. The Guardant Health screening portfolio, including the Shield™ test, aims to address the needs of individuals eligible for cancer screening.

Position Title: Senior Identity and Access Management (IAM) Engineer

Location: Hyderabad, India

Job Type: Full-Time

Position Overview:

Guardant Health is seeking an experienced and highly motivated Senior Identity and Access Management (IAM) Engineer to join our IT Infrastructure and Security Engineering team in Hyderabad, India. This role is crucial to the design, implementation, and continuous improvement of our enterprise IAM platforms enabling secure, efficient, and scalable access management across the organization. The ideal candidate brings deep domain knowledge in identity principles, cloud and on-prem directory services, automation workflows, and modern authentication protocols. In this role, you will work with key technologies including Okta, Active Directory, Entra ID, AWS IAM, PKI, and support integrations with healthcare-focused enterprise access systems. You will also drive automation efforts through Okta Workflows and custom integrations using Okta APIs, AD, and Microsoft Graph API.

Key Responsibilities:

Identity Architecture & Governance

● Design and maintain secure, policy-driven IAM architecture supporting workforce and application access across cloud and hybrid environments.

● Define and enforce least privilege access models, lifecycle processes, and compliance standards. Platform Ownership & Integration.

● Administer and optimize Okta, Active Directory, Entra ID (Azure AD), and AWS IAM environments including federation, EAM, SSO, and MFA configurations.

● Support and operate PKI solutions, including DigiCert, Microsoft ADCS, and AWS Private CA.

● Ensure smooth operation of SCEP-based certificate provisioning for managed devices and systems. Workflow Automation & API Integration.

● Develop and maintain Okta Workflows for identity lifecycle automation, approvals, and policy enforcement.

● Integrate identity processes with third-party systems using Okta APIs, Microsoft Graph API, and custom scripts (PowerShell, Python, etc.).

● Continuously identify opportunities to automate repetitive tasks and improve operational efficiency with PowerShell, Python, Terraform. Privileged Access & Endpoint Identity.

● Implement and manage Privileged Access Management (PAM) tools and practices across critical infrastructure.

● Support integrations with EAM (Imprivata) or other clinical/workforce access systems used in the Guardant Health environments. Monitoring, Compliance, and Documentation.

● Monitor IAM systems for anomalies and ensure timely response to incidents or alerts.

● Ensure alignment with security standards such as HIPAA, SOX, and ISO 27001.

● Maintain detailed documentation, architecture diagrams, and standard operating procedures in Confluence or equivalent.

Qualifications:

● 7+ years of hands-on experience in enterprise IAM engineering roles.

● Expertise in Okta administration, workflow automation, and integration via Okta APIs.

● Experience with Microsoft Graph API and automation scripting (PowerShell, Python).

● Strong background in Active Directory, Entra ID, Okta, and AWS IAM management.

● Deep understanding of identity standards and protocols: SAML, OAuth2.0, OIDC, Kerberos, LDAP, SCIM, SCEP.

● Hands-on experience with PKI, including DigiCert, Microsoft PKI, AWS PCA, and SCEP-based and ACME-based certs provisioning.

● Familiarity with Privileged Access Management tools (CyberArk, BeyondTrust, Okta etc.)

● Experience with Imprivata or similar enterprise access platforms is a strong plus.

● Relevant certifications such as CIAM, Okta Certified Professional, or Microsoft Identity and Access Administrator are highly desirable.

● Excellent communication, problem-solving, and cross-team collaboration skills.

Why Join Us:

At Guardant Health, you will help secure the systems that power groundbreaking innovations in cancer diagnostics and treatment. You will work with cutting-edge technologies, modern IAM frameworks, and a global team committed to operational excellence a

To learn more about the information collected when you apply for a position at Guardant Health, Inc. and how it is used, please review our Privacy Notice for Job Applicants.

Please visit our career page at: http://www.guardanthealth.com/jobs/