ForgeRock IAM Engineer
$80K - $128K/yr
Cloud/DevOps: AWS, Azure, or GCP; Docker, Kubernetes, CI/CD, Git * Security: MFA, PKI, RBAC/ABAC ... Experience with IAM/IGA tools such as SailPoint, Saviynt, Okta, or CyberArk * Familiarity with ...
ForgeRock IAM Engineer
$80K - $128K/yr
Cloud/DevOps: AWS, Azure, or GCP; Docker, Kubernetes, CI/CD, Git * Security: MFA, PKI, RBAC/ABAC ... Experience with IAM/IGA tools such as SailPoint, Saviynt, Okta, or CyberArk * Familiarity with ...
IAM Engineer
Mckinney, TX · Hybrid
$75 - $85/hr
Deep hands-on experience with SailPoint ISC, Entra ID (Azure AD), Active Directory, and MFA/SSO solutions. Strong understanding of IAM architecture, RBAC, PIM, and CIAM principles. Proficient in ...
IAM Engineer
Mckinney, TX · Hybrid
$75 - $85/hr
Deep hands-on experience with SailPoint ISC, Entra ID (Azure AD), Active Directory, and MFA/SSO solutions. Strong understanding of IAM architecture, RBAC, PIM, and CIAM principles. Proficient in ...
NET developer/engineer who also has 1-2 years (or more) of IAM experience. Great communication ... NET, Java, WinOS, Unix, Active Directory, Oracle DBMS, MS SQL Server DBMS, RSA ACE Server, MS Azure ...
NET developer/engineer who also has 1-2 years (or more) of IAM experience. Great communication ... NET, Java, WinOS, Unix, Active Directory, Oracle DBMS, MS SQL Server DBMS, RSA ACE Server, MS Azure ...
IAM Engineer
Washington, DC · On-site
NET developer/engineer who also has 1-2 years (or more) of IAM experience. Great communication ... NET, Java, WinOS, Unix, Active Directory, Oracle DBMS, MS SQL Server DBMS, RSA ACE Server, MS Azure ...
IAM Engineer
Washington, DC · On-site
NET developer/engineer who also has 1-2 years (or more) of IAM experience. Great communication ... NET, Java, WinOS, Unix, Active Directory, Oracle DBMS, MS SQL Server DBMS, RSA ACE Server, MS Azure ...
... Azure Active Directory), Public Key Infrastructure (PKI), and Common Access Card (CAC ... IAM engineering. • Demonstrated experience in designing and managing IAM frameworks in cloud ...
... Azure Active Directory), Public Key Infrastructure (PKI), and Common Access Card (CAC ... IAM engineering. • Demonstrated experience in designing and managing IAM frameworks in cloud ...
IAM Engineer
Newark, NJ · On-site
$109K - $150K/yr
Hands on experience with AWS, Azure or GCP desired. * Demonstrated experience working in Cybersecurity organization with a Technical Engineering focus on CIAM/IAM * Collaborate with Product Owners in ...
IAM Engineer
Newark, NJ · On-site
$109K - $150K/yr
Hands on experience with AWS, Azure or GCP desired. * Demonstrated experience working in Cybersecurity organization with a Technical Engineering focus on CIAM/IAM * Collaborate with Product Owners in ...
IAM Engineer (Secret clearance)
Tampa, FL · On-site
... Azure Active Directory), Public Key Infrastructure (PKI), and Common Access Card (CAC ... IAM engineering. • Demonstrated experience in designing and managing IAM frameworks in cloud ...
IAM Engineer (Secret clearance)
Tampa, FL · On-site
... Azure Active Directory), Public Key Infrastructure (PKI), and Common Access Card (CAC ... IAM engineering. • Demonstrated experience in designing and managing IAM frameworks in cloud ...
IAM Engineer III
Richmond, VA · On-site
IAM Engineer III (Remote Job) Location: Richmond, VA Duration: 6 Months Responsibilities Include ... Azure, LDAP and supporting infrastructure. * Perform regular patching and maintenance for the IAM ...
IAM Engineer III
Richmond, VA · On-site
IAM Engineer III (Remote Job) Location: Richmond, VA Duration: 6 Months Responsibilities Include ... Azure, LDAP and supporting infrastructure. * Perform regular patching and maintenance for the IAM ...
Senior IAM Engineer
Jersey City, NJ · On-site
$108K - $149K/yr
Hello, I have an opportunity for "Senior IAM Engineer and looking for a candidate who can join ... Azure platform is desired. • Must have solid understanding and experiences working with SAML ...
Senior IAM Engineer
Jersey City, NJ · On-site
$108K - $149K/yr
Hello, I have an opportunity for "Senior IAM Engineer and looking for a candidate who can join ... Azure platform is desired. • Must have solid understanding and experiences working with SAML ...
IAM Engineer
Mckinney, TX · Hybrid
$75 - $85/hr
Deep hands-on experience with SailPoint ISC, Entra ID (Azure AD), Active Directory, and MFA/SSO solutions. Strong understanding of IAM architecture, RBAC, PIM, and CIAM principles. Proficient in ...
IAM Engineer
Mckinney, TX · Hybrid
$75 - $85/hr
Deep hands-on experience with SailPoint ISC, Entra ID (Azure AD), Active Directory, and MFA/SSO solutions. Strong understanding of IAM architecture, RBAC, PIM, and CIAM principles. Proficient in ...
Principal Consultant - Azure, IAM & Endpoint Solutions About CrucialLogics Inc. We apply our ... Azure Security Engineer SC-200: Microsoft Security Operations Analyst SC-300: Identity and Access ...
Principal Consultant - Azure, IAM & Endpoint Solutions About CrucialLogics Inc. We apply our ... Azure Security Engineer SC-200: Microsoft Security Operations Analyst SC-300: Identity and Access ...
Senior IAM Engineer (SailPoint/Okta)
Austin, TX · On-site
$103K - $142K/yr
Working with IAM software programs such as SailPoint, Okta, and Azure. * Working closely with developers, designers, business and systems analysts. Minimum Candidate Characteristics: * 6 years of ...
Quick apply
Senior IAM Engineer (SailPoint/Okta)
Austin, TX · On-site
$103K - $142K/yr
Working with IAM software programs such as SailPoint, Okta, and Azure. * Working closely with developers, designers, business and systems analysts. Minimum Candidate Characteristics: * 6 years of ...
Cloud IAM Engineer
Mount Laurel, NJ · On-site
$55.25 - $73.75/hr
... AD), Azure RBAC, and cloud identity services. • Experience administering Google Cloud IAM ... DevOps, or similar CI/CD platforms. • Knowledge of enterprise security controls, governance ...
Cloud IAM Engineer
Mount Laurel, NJ · On-site
$55.25 - $73.75/hr
... AD), Azure RBAC, and cloud identity services. • Experience administering Google Cloud IAM ... DevOps, or similar CI/CD platforms. • Knowledge of enterprise security controls, governance ...
Saviynt IAM Engineer
Chicago, IL · On-site
Saviynt IAM Engineer Location : San Francisco, Chicago, Scottsdale, NYC (Onsite) Saviynt IAM Staff ... Active Directory / Azure AD * Okta / SSO platforms * Workday / HR systems * ServiceNow * AWS ...
Quick apply
Saviynt IAM Engineer
Chicago, IL · On-site
Saviynt IAM Engineer Location : San Francisco, Chicago, Scottsdale, NYC (Onsite) Saviynt IAM Staff ... Active Directory / Azure AD * Okta / SSO platforms * Workday / HR systems * ServiceNow * AWS ...
Sr. IAM Engineer
Newark, NJ · On-site
$109K - $150K/yr
Hands on experience with AWS, Azure or GCP desired but not required. Demonstrated experience working in Cybersecurity organization with a Technical Engineering focus on CIAM/IAM Collaborate with ...
Sr. IAM Engineer
Newark, NJ · On-site
$109K - $150K/yr
Hands on experience with AWS, Azure or GCP desired but not required. Demonstrated experience working in Cybersecurity organization with a Technical Engineering focus on CIAM/IAM Collaborate with ...
Senior IAM Engineer
Milwaukee, WI · On-site
$112K - $154K/yr
Partner with IAM engineering to transition new capabilities into operations (run/support model ... Directory Services (SSO/Federation, Active Directory, Azure), Identity Governance & Administration ...
Senior IAM Engineer
Milwaukee, WI · On-site
$112K - $154K/yr
Partner with IAM engineering to transition new capabilities into operations (run/support model ... Directory Services (SSO/Federation, Active Directory, Azure), Identity Governance & Administration ...
Senior IAM Engineer
Milwaukee, WI · On-site
$112K - $154K/yr
Partner with IAM engineering to transition new capabilities into operations (run/support model ... Directory Services (SSO/Federation, Active Directory, Azure), Identity Governance & Administration ...
Senior IAM Engineer
Milwaukee, WI · On-site
$112K - $154K/yr
Partner with IAM engineering to transition new capabilities into operations (run/support model ... Directory Services (SSO/Federation, Active Directory, Azure), Identity Governance & Administration ...
Integrate IAM solutions with Microsoft Entra ID (formerly Azure Active Directory), Public Key ... engineering. * Demonstrated experience in designing and managing IAM frameworks in cloud ...
Integrate IAM solutions with Microsoft Entra ID (formerly Azure Active Directory), Public Key ... engineering. * Demonstrated experience in designing and managing IAM frameworks in cloud ...
IAM Engineer
Denver, CO · Remote
$65 - $75/hr
... IAM) and Cloud Infrastructure/DevOps. * Expert-level proficiency in the Ping Identity Software ... Deep knowledge of M365 SSO integrations and establishing federated trust with Entra ID (Azure AD)
IAM Engineer
Denver, CO · Remote
$65 - $75/hr
... IAM) and Cloud Infrastructure/DevOps. * Expert-level proficiency in the Ping Identity Software ... Deep knowledge of M365 SSO integrations and establishing federated trust with Entra ID (Azure AD)
Senior IAM Engineer
$106K - $145K/yr
Partner with IAM engineering to transition new capabilities into operations (run/support model ... Directory Services (SSO/Federation, Active Directory, Azure), Identity Governance & Administration ...
Senior IAM Engineer
$106K - $145K/yr
Partner with IAM engineering to transition new capabilities into operations (run/support model ... Directory Services (SSO/Federation, Active Directory, Azure), Identity Governance & Administration ...
Azure Iam Engineer information
See salary details
$11.06 - $17.31
3% of jobs
$17.31 - $23.56
0% of jobs
$23.56 - $29.81
0% of jobs
$29.81 - $36.06
0% of jobs
$36.06 - $42.31
2% of jobs
$42.31 - $48.56
5% of jobs
$52.70 is the 25th percentile. Wages below this are outliers.
$48.56 - $54.81
22% of jobs
The median wage is $58.36 / hr.
$54.81 - $61.06
31% of jobs
$64.79 is the 75th percentile. Wages above this are outliers.
$61.06 - $67.31
19% of jobs
$67.31 - $73.56
12% of jobs
$73.56 - $79.81
5% of jobs
$11
$58
$79
How much do azure iam engineer jobs pay per hour?
As of Jun 6, 2026, the average hourly pay for azure iam engineer in the United States is $58.40, according to ZipRecruiter salary data. Most workers in this role earn between $52.88 and $65.62 per hour, depending on experience, location, and employer.
What is the difference between Azure Iam Engineer vs Cloud Security Engineer?
| Aspect | Azure Iam Engineer | Cloud Security Engineer |
|---|---|---|
| Certifications | Azure certifications (e.g., AZ-500, AZ-104) | Security certifications (e.g., CISSP, CISM, CCSP) |
| Work Environment | Focus on Azure cloud platform and identity management | Broader cloud security across multiple platforms (Azure, AWS, GCP) |
| Industry Usage | Primarily in organizations using Azure for cloud services | In organizations prioritizing overall cloud security |
| Job Focus | Managing Azure identity and access management (IAM) | Securing cloud infrastructure and data across platforms |
The Azure Iam Engineer specializes in managing identity and access within Azure environments, while the Cloud Security Engineer has a broader role in securing cloud infrastructure across multiple platforms. Both roles require security certifications and work in cloud-based settings, but their focus areas differ in scope and platform specialization.
More about Azure Iam Engineer jobs
What cities are hiring for Azure Iam Engineer jobs? Cities with the most Azure Iam Engineer job openings:
What states have the most Azure Iam Engineer jobs? States with the most job openings for Azure Iam Engineer jobs include:
What job categories do people searching Azure Iam Engineer jobs look for? The top searched job categories for Azure Iam Engineer jobs are:
Peraton rating
8.3
Based on 52 frontline employees who took The Breakroom Quiz
37th of 203 rated it services
Job description
Responsibilities
We are seeking a skilled ForgeRock IAM Engineer with strong experience in ForgeRock (PingOne Advanced Identity Cloud) to design, implement, and support secure access management solutions for a large federal environment. This role focuses on authentication, SSO, and Zero Trust security aligned with federal standards such as NIST and FedRAMP.
The ForgeRock AM (Access Management) Engineer is a specialized Identity and Access Management (IAM) professional responsible for designing, implementing, and maintaining secure access management solutions using the ForgeRock Identity Platform (now PingOne Advanced Identity Cloud). This role is integral to the U.S. Department of Education's Federal Student Aid (FSA) Federal IAM program - a mission-critical platform securing digital assets and managing identity for millions of students, institutions, and federal stakeholders.
The engineer focuses on delivering robust authentication, authorization, and Single Sign-On (SSO) strategies that align with federal security mandates including NIST SP 800-63, FICAM, FedRAMP, and Zero Trust Architecture (ZTA) principles. Working within an agile delivery environment, this role collaborates across engineering, security, architecture, and product teams to ensure the IAM platform remains secure, scalable, and compliant.
Key Responsibilities:
Qualifications
Required Qualifications:
Preferred Qualifications:
Certifications (Preferred):
Peraton Overview
Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.
Target Salary Range
$80,000 - $128,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual's experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.
EEO
EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.
We are seeking a skilled ForgeRock IAM Engineer with strong experience in ForgeRock (PingOne Advanced Identity Cloud) to design, implement, and support secure access management solutions for a large federal environment. This role focuses on authentication, SSO, and Zero Trust security aligned with federal standards such as NIST and FedRAMP.
The ForgeRock AM (Access Management) Engineer is a specialized Identity and Access Management (IAM) professional responsible for designing, implementing, and maintaining secure access management solutions using the ForgeRock Identity Platform (now PingOne Advanced Identity Cloud). This role is integral to the U.S. Department of Education's Federal Student Aid (FSA) Federal IAM program - a mission-critical platform securing digital assets and managing identity for millions of students, institutions, and federal stakeholders.
The engineer focuses on delivering robust authentication, authorization, and Single Sign-On (SSO) strategies that align with federal security mandates including NIST SP 800-63, FICAM, FedRAMP, and Zero Trust Architecture (ZTA) principles. Working within an agile delivery environment, this role collaborates across engineering, security, architecture, and product teams to ensure the IAM platform remains secure, scalable, and compliant.
Key Responsibilities:
- Design & Architecture: Translate business and security requirements into scalable IAM technical designs using ForgeRock/PingOne components - Access Management (AM/PingAM), Identity Management (IDM/PingIDM), Directory Services (DS/PingDS), and Identity Gateway (IG/PingGateway); lead design reviews, architecture workshops, and technical documentation.
- Implementation & Integration: Install, configure, and integrate ForgeRock AM solutions with enterprise applications, cloud services (AWS, Azure, GCP), and legacy systems; develop and maintain REST API integrations and federation configurations across hybrid and multi-cloud environments.
- Authentication & Authorization: Design and implement custom authentication trees/journeys, Multi-Factor Authentication (MFA) nodes, Risk-Based Authentication (RBA), and authorization policies to enforce secure, least-privilege user access; support phishing-resistant MFA including PIV/CAC card integration aligned with NIST Authenticator Assurance Levels (AAL1/AAL2/AAL3).
- Identity Lifecycle Management: Oversee automated user provisioning, de-provisioning, and role-based access control (RBAC) and attribute-based access control (ABAC) workflows; integrate with HR systems, LDAP/Active Directory, and downstream applications to support full identity lifecycle governance.
- Zero Trust Architecture Implementation: Implement Zero Trust principles per NIST SP 800-207 and federal Executive Order mandates; deploy authentication authority and authorization engines that enforce continuous verification across hybrid, multi-cloud environments.
- Federation & SSO: Configure and maintain identity federation hubs integrating with third-party authentication sources, diverse user directories, and existing ICAM systems; enable standards-based SSO across agency boundaries and mission partner environments using SAML 2.0, OAuth 2.0, and OIDC.
- Identity Governance & Administration (IGA): Streamline access request workflows, access reviews, and Segregation of Duties (SoD) enforcement to ensure correct permissions, prevent inappropriate access, and satisfy federal audit and compliance requirements.
- Automation & Scripting: Build and maintain scripts (Java, Groovy, JavaScript, Python, or Shell) to automate routine operational tasks, optimize system performance, and support CI/CD pipeline integration for IAM configuration management.
- Troubleshooting & L3 Support: Provide Level 3 support for identity-related incidents; perform root cause analysis, resolve complex platform issues, and ensure high system availability and uptime; serve as Subject Matter Expert (SME) for production escalations.
- Compliance & Audit Support: Ensure IAM configurations meet federal regulatory requirements (FISMA, FedRAMP, NIST, FICAM, CMMC); support security audits, continuous monitoring, and audit-ready reporting; maintain alignment with DoD 8570/8140 baseline requirements where applicable.
Qualifications
Required Qualifications:
- Bachelors degree and 5 years of experience or 9 years of experience and a HS diploma/equivalent
- 5+ years of IAM engineering experience
- Experience working with ForgeRock AM or PingOne
- Hands-on experience with MFA, SSO, and federation solutions
- Experience working in agile environments
- ForgeRock/Ping: AM, IDM, DS, IG (or equivalents)
- IAM Protocols: SAML 2.0, OAuth 2.0, OpenID Connect, JWT, LDAP, Kerberos, SCIM
- Programming/Scripting: Java, Groovy, JavaScript, Python, or Shell
- Directory Services: LDAP, Active Directory, Azure AD (Entra ID)
- Cloud/DevOps: AWS, Azure, or GCP; Docker, Kubernetes, CI/CD, Git
- Security: MFA, PKI, RBAC/ABAC, Zero Trust principles
- Compliance: Familiarity with NIST 800-63, NIST 800-207, FedRAMP, FISMA
- U.S. Citizenship required
- Ability to obtain and maintain the required agency clearance
Preferred Qualifications:
- Experience with IAM/IGA tools such as SailPoint, Saviynt, Okta, or CyberArk
- Familiarity with PingFederate, PingAccess, or PingDirectory
- Experience with PIV/CAC authentication and phishing-resistant MFA
- SIEM integration and IAM monitoring experience
- Prior federal government IAM experience (DoD, DHS, etc.)
- Knowledge of post-quantum cryptography concepts
- Agile/SAFe experience
Certifications (Preferred):
- ForgeRock or Ping Identity certifications
- CISSP, CISM, or CompTIA Security+
- AWS or Azure security certifications
Peraton Overview
Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.
Target Salary Range
$80,000 - $128,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual's experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.
EEO
EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.
About Peraton
Sourced by ZipRecruiter
At Peraton, we re at the forefront of delivering the next big thing every day. We re the partner of choice to help solve some of the world s most daunting challenges, delivering bold, new solutions to keep people around the world safer and more secure.
Industry
It services
Company size
10,000+ Employees
Headquarters location
Herndon, VA, US
Year founded
2017