Virtual Sailpoint Admin Jobs (NOW HIRING)

Position:  IAM Lead – Sr. IAM Ops/SailPoint Lead

Location: Juno Beach, FL 

Contract: 12 months (potential for extension)

Interview Process: 1–2 rounds (1st round - virtual and in person set up in the 2nd round)

We have an immediate opening for an IAM Lead (Operations/Support) role based onsite in Juno Beach, FL. We’re looking for a senior professional with deep IAM operations experience, strong leadership skills, and solid hands-on technical knowledge across cloud and on-prem environments.

Please note this is fully onsite and we’re only considering local or nearby candidates (no relocation).
 

Required Skills and Experience:

• Education: Bachelor’s in Computer Science, Information Systems, Cybersecurity, or related field (equivalent experience accepted).
• Experience: 8+ years in IAM with at least 3+ years leading operations/support teams in large, regulated enterprises.
• Platforms: SailPoint Identity Security Cloud (IdentityNow/IIQ), Azure AD/Active Directory, One Identity Safeguard (PAM, Safeguard for Sudo, Safeguard Authentication Services), SSO/MFA; LDAP/Kerberos, SAML/OIDC/OAuth2, SCIM, PKI.
• HRIS Integrations: SAP SuccessFactors and SAP Fieldglass for identity lifecycle.
• Systems: Windows, Linux, and macOS identity integration at enterprise scale.
• ITIL/SRE: Major incident management, SLAs/SLOs, problem/change management, observability.
• Automation: PowerShell, Python scripting, API orchestration, configuration-as-code, CI/CD practices.
• Compliance: SOX and NERC-CIP controls and audit readiness.
• Communication: Strong executive and technical communication, concise incident reporting, and stakeholder management.

Preferred Qualifications:

• Certifications: CISSP, CISM, ITIL v4, Microsoft Entra/Azure Administrator, SailPoint, One Identity Safeguard; SAFe certification is a plus.
• Cloud: AWS/Azure/GCP IAM fundamentals, secrets management, conditional access, and identity threat detection.
• Tooling: SIEM/SOAR, Splunk/Elastic, Prometheus/Grafana/Datadog, ServiceNow ITSM/CMDB.
• Delivery: UAT/regression suites for IAM changes, PI Planning, Agile release trains.

• Lead Operations/Support for Identity & Access Management (IAM) tools and processes. The IAM Operations & Support Leader owns the reliability, security, and compliance of enterprise identity services across on ‐ prem and cloud environments. This role leads 24x7 service delivery for identity governance and administration and privileged access, ensuring resilient operations, excellent user experience, and audit-ready controls. The leader manages a multidisciplinary team and vendor partners, drives automation and continuous improvement, and aligns service outcomes to business, SOX, and NERC ‐ CIP requirements.
• Scale: Enterprise Windows, Enterprise Linux, hybrid AD/Azure AD, SailPoint Identity Security Cloud, One Identity Safeguard (including Safeguard for Sudo and Safeguard Authentication Services), SSO/MFA, HRIS integrations (SAP SuccessFactors, SAP Fieldglass), CyberArk Privileged Access Management.
• Coverage: 24x7 operations, global user base, regulated utility environment.
• Essential Duties and Responsibilities
• Service Ownership and Strategy
  • 1.1 Define the IAM operations strategy, service catalog, SLAs/SLOs/SLIs, and operational roadmaps aligned to business risk and compliance goals.
  • 1.2 Establish SRE-aligned practices for availability, performance, capacity, and resilience, including error budgets and reliability targets.
  • 1.3 Maintain the end-to-end service architecture and dependency maps for identity, SSO/MFA, PAM, and provisioning services.
• Operations and Service Delivery
  • 2.1 Lead day-to-day operations for AD/Azure AD, SailPoint ISC, SSO/MFA, PAM, Linux/macos directory integrations, and identity data pipelines.
  • 2.2 Build and manage a tiered L1/L2/L3 support model, on-call rotations, runbooks, KB articles, and self-service tooling.
  • 2.3 Drive monitoring/alerting, event correlation, and proactive problem detection using SIEM/observability platforms.
• Incident, Problem, and Change Management (ITIL)
  • 3.1 Serve as Major Incident Commander for IAM incidents; reduce MTTR via automation, diagnostics, and clear escalation paths.
  • 3.2 Run formal problem management, RCAs, post-incident reviews, and corrective action tracking.
  • 3.3 Govern changes through CAB/ECAB, maintenance windows, and release calendars; optimize change success rate.
• Platform Administration and Reliability Engineering
  • 4.1 Ensure healthy operations of SailPoint Identity Security Cloud (connectors, provisioning jobs, access certifications), Azure AD/AD (sync, domain controllers, GPOs), and One Identity Safeguard (PAM vaults, session mgmt, Sudo, SAS for Linux/macOS).
  • 4.2 Oversee upgrades, patching, capacity planning, HA/DR, backups, and configuration baselines; validate failover and recovery procedures.
  • 4.3 Manage API usage, throttling, and integration resiliency with HRIS, ITSM, SIEM/SOAR, and application endpoints.
• Identity Lifecycle and Provisioning
  • 5.1 Operate joiner–mover–leaver processes sourced from SAP SuccessFactors/Fieldglass, including role/birthright access and approvals.
  • 5.2 Ensure accurate, timely provisioning/deprovisioning to directories, SaaS, and on ‐ prem apps; remediate orphaned accounts and access drift.
  • 5.3 Govern AD group and entitlement hygiene, bulk UID creation and mapping, and automated GID/role assignments at scale.
• Privileged Access Management (PAM) and Unix/macOS Controls
  • 6.1 Enforce vaulting, rotation, session recording, and JIT elevation via One Identity Safeguard; expand coverage and remove standing privilege.
  • 6.2 Standardize and audit sudoers policies and Safeguard Authentication Services across Linux/macOS fleets; centralize policy distribution and logs.
  • 6.3 Integrate PAM telemetry with SIEM; drive least privilege and break-glass controls with continuous testing.
• Security, Risk, and Compliance
  • 7.1 Maintain controls for SOX, NERC ‐ CIP, NIST 800 ‐ 53/63, and IAM best practices; keep services audit ‐ ready with evidence automation.
  • 7.2 Support access certifications, entitlement reviews, SoD/toxic combination policies, and quarterly control attestations.
  • 7.3 Partner with security and audit teams on risk assessments, control testing, and remediation tracking.
• Automation and Continuous Improvement
  • 8.1 Implement policy ‐ as ‐ code and configuration ‐ as ‐ code for IAM platforms; leverage CI/CD for safe, repeatable changes.
  • 8.2 Automate monitoring, provisioning workflows, connector health checks, and evidence collection via APIs, PowerShell/Python, and orchestration tools.
  • 8.3 Lead guided automated deployments, UAT frameworks, regression testing, and performance baselining.
• Stakeholder Engagement and Communications
  • 9.1 Publish service health dashboards, KPI reports (availability, MTTR, SLA attainment, certification completion), and executive briefings.
  • 9.2 Coordinate with Security, HR, IT Ops, and application owners on priorities, readiness, and release plans.
  • 9.3 Manage service intake and expectations; escalate risks and trade-offs clearly with recommended actions.
• Business Continuity and Resilience
  • 10.1 Maintain DR/MCBP plans, recovery runbooks, and cyber recovery posture for identity services.
  • 10.2 Conduct exercises (tabletops, failovers, chaos drills) and close gaps proactively.
  • 10.3 Ensure privileged recovery capabilities and offline procedures are tested and documented.
• Qualifications
• Required Skills and Experience
• Education: Bachelor's in Computer Science, Information Systems, Cybersecurity, or related field; equivalent experience considered.
• Experience: 8+ years in IAM with 3+ years leading operations/support teams in large, regulated enterprises.
• Platforms: SailPoint Identity Security Cloud (or IdentityNow/IIQ), Azure AD/Active Directory, One Identity Safeguard (PAM, Safeguard for Sudo, Safeguard Authentication Services), SSO/MFA; LDAP/Kerberos, SAML/OIDC/OAuth2, SCIM, PKI.
• HRIS Integrations: Operating identity lifecycle fed by SAP SuccessFactors and SAP Fieldglass.
• Systems: Enterprise Windows, Linux, and macOS identity integration at scale.
• ITIL/SRE: Major incident leadership, problem/change management, SLAs/SLOs, observability, capacity and performance management.
• Automation: Strong scripting (PowerShell, Python), API orchestration, configuration ‐ as ‐ code, and CI/CD practices.
• Compliance: Demonstrated success maintaining SOX and NERC ‐ CIP controls and passing audits.
• Communication: Clear executive and technical communication, concise incident updates, and stakeholder management.
• Preferred Qualifications
• Certifications: CISSP, CISM, ITIL v4, Microsoft Entra/Azure Administrator, SailPoint, One Identity Safeguard; SAFe certifications a plus.
• Cloud: AWS/Azure/GCP IAM fundamentals, secrets management, conditional access, and identity threat detection.
• Tooling: Experience with SIEM/SOAR, Splunk/Elastic, Prometheus/Grafana/Datadog, ServiceNow ITSM/CMDB.
• Delivery: Experience running UAT/regression suites for IAM changes; familiarity with PI Planning and Agile release trains.
• Core Competencies and Attributes
• Security ‐ first and reliability ‐ obsessed mindset with strong customer empathy.
• Ownership and bias for action; calm, decisive incident leadership.
• Strategic and operational balance; data ‐ driven and metrics ‐ focused.
• Collaborative, diplomatic, and effective at influencing across teams and vendors.
• Work Conditions
• Participation in on ‐ call rotation and off ‐ hours maintenance windows as needed; occasional travel for team, vendor, or audit engagements.
• Key Success Metrics
• Service availability/SLO attainment, MTTR and incident volume trend, change success rate, provisioning SLA compliance, certification completion on time, privileged account coverage and policy adherence, audit findings reduced/cleared, automation coverage and toil reduction.