Senior IAM Engineer

Santa Clara, CA 95054

Posted: 04/18/2023 Job Number: 37311

Job Description

Pay range is $58 - $63 per hour with full benefits available, including paid time off, medical/dental/vision/life insurance, 401K, parental leave, and more. Our compensation reflects the cost of labor across several US geographic markets. Pay is based on several factors including market location and may vary depending on job-related knowledge, skills, and experience.


At Crystal Equation, we empower people and advance technology initiatives by building trust.  Your recruiter will prep you for the interview, obtain feedback, guide you through any necessary paperwork and provide everything you need for a successful start.  We will serve to empower you along the way and provide the path for your professional journey.


Senior IAM Engineer  
Location:  Santa Clara, CA

At our company, we believe everyone deserves to move their financial life forward.

We know that assets have the power to fund goals. Those numbers represent individual lifetimes filled with hard work and dreams for our clients and generations to follow. Our clients trust us to guide them forward with empathy, integrity, and invention. We uphold that same standard of respect and commitment for clients and colleagues alike.

Founded on the idea that financial education is a fundamental right for everyone—not just the wealthy, EFE continues to grow and challenge the status quo. We’re moving forward, together. If our purposeful commitment inspires you, we invite you to consider joining our team!

As a Sr. IAM Engineer [A1] [A2] on the Enterprise IT Server Team, the identity and access management engineer is  responsible for the development and implementation of IAM systems including SSO, authentication and access controls ensuring confidentiality, integrity and availability of IAM systems and data

In addition to an earnest desire to help people, we are looking for the ideal candidate to complement the team’s existing talents. For this role, we are looking for someone who has a creative spirit and new insights to help us continuously improve and accelerate our focus on innovative, best-in-class integrations, and support. If you have a 6+ years’ experience in information technology or equivalent technical experience – this may be the opportunity for you[A3]!

  • Designing, implementing, and supporting the SSO, MFA, Zero Trust, Active Directory, Azure AD, Okta, and user access provisioning services, automation, integrations, and lifecycle management.
  • Provision, configure & support resilient cloud deployment architecture, keep it compliant with regulations like SOC2 and make it more efficient.
  • Manage scalability, capacity planning, redundancy, and resiliency.
  • Maintain service availability and performance SLAs based on business and product requirements.
  • Manage SSO/identity services vendor platforms specifically for multiple SOC2 controlled environments, work with other Identity Platform engineers in deploying and maintaining services and create and review operational runbooks.
  • Participate and contribute to periodic SOC2 audit processes.
  • Partner with IT and product teams for SSO and user registration integration


Required Technical Competencies And Experience 
  • 6+ years of hands-on experience in managing, implementing, and supporting identity & access technologies, SAML 2.0, FIDO, OIDC, SCIM. Okta, Azure AD, Active Directory and CyberArk is p[A4] [A5] [A6] [A7] referred.
  • Enterprise experience in Identity and Access Management with working knowledge of enterprise hybrid cloud environments and other PAM toolsets
  • Experienced with Services based Integration (e.g. REST) of role-based access control, Active Directory, Azure AD, Okta, LDAP, Single Sign-On, End-User provisioning, identity and access governance, Privileged Identity Management, Privileged Access Management, Lifecycle Management and identity data synchronization services with existing applications and systems
  • API Gateways, Enterprise Directories, Enterprise Databases, SSO and Access Management systems, identity federation protocols (SAML), and LDAP.
  • Ability to work cross-functionally across multiple business units, such as IT application and infrastructure, product development teams, primarily integrating applications and users with identity services.
  • Strong technical writing skills to support required documentation.
  • Passion, drive, energy, a sense of humor and a great attitude

Meet Your Recruiter

Scott Brasel

Send an email reminder to:

Share This Job:

Related Jobs:

Login to save this search and get notified of similar positions.