Lead IAM Security Engineer

Location: Dallas, TX or Scottdale, AZ - must be local to one of those areas but will work remotely

Synonymous Business Title (s): Information Security Architect, Security Engineer

Overview:

Blue Yonder Cybersecurity team is seeking a hands-on Lead IAM Engineer with proven experience in Identity & Access Management (IAM). This candidate will be responsible for designing, implementing, and managing identity and access management solutions to ensure secure and compliant access to enterprise systems. This candidate will be closely partnering with internal security teams and stakeholders to deliver consistent IAM controls across the Blue Yonder digital footprint worldwide.

Scope/Responsibilities:

• Design and implement user provisioning, deprovisioning, and role-based access control (RBAC) solutions.
• Automate identity workflows using SCIM, APIs, or identity orchestration platforms.
• Integrate IAM solutions with HR systems, directories (e.g., Active Directory, Entra ID), and enterprise applications.
• Deploy and maintain Privileged Access Management (PAM) solutions
• Enforce session recording, just-in-time access, and password vaulting for privileged accounts.
• Implement and manage Identity Governance and Administration (IGA) tools
• Design IAM solutions, including authentication, authorization, identity provisioning, access management, and privileged access management considering security best practices and industry standards.
• Identify IAM-related risks and vulnerabilities and develop strategies to mitigate them effectively.
• Provide technical guidance and oversight during the implementation of IAM solution. Support implementation of the service.
• Develop and manage IAM policies, procedures, and standards to enforce consistent security practices across Blue Yonder.
• Ensure IAM solutions comply with relevant regulatory requirements (e.g., GDPR, HIPAA, PCI DSS) and industry standards (e.g., NIST, ISO/IEC).
• Integrate IAM services with security capabilities in other domains.
• Develop and generate KRI/KPIs for the service.
• Maintain alignment with threat landscape and industry trends.
• Assess maturity and develop continuous improvement plans for the service.
• Participate in security architecture reviews and design discussions to embed the risk optimized controls.
• Partner with enterprise architecture and application development team to enhance the security of the products.

What we are looking for:

Required Skills:

• 10+ years of experience in information security, cybersecurity or cloud security.
• 5+ years of IAM (Identity Access Management) experience.
• Must have experience in designing, implementing, and managing cloud IAM and/or PAM solutions on-premises and in cloud.
• Must have solid experience in Entra ID and Active Directory.
• Must have experience with at least one of the following: LDAP, SSO, MFA, SAML, OAuth, and/or OpenID Connect.
• Experience working with Privileged Access Manager (PAM) and Identity Governance & Administration (IGA) solutions/tools.
• Strong understanding of secrets management and encryption.
• Experience with at least one public cloud infrastructure such as Microsoft Azure, GCP, or AWS.
• Bachelor's degree in cybersecurity, computer science or related field.

Preferred Skills:

• Certifications such as Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), or equivalent.
• Understanding of Public Key Infrastructure (PKI) and/or digital certificates nice to have.
• Deep understanding of Zero Trust security models.
• Experience in identifying, assessing security risks, and implementing risk mitigation strategies.
• Familiarity with security frameworks such as NIST-CSF, and CIS controls.
• Understanding of regulatory requirements related to IAM, such as GDPR, HIPAA, SOX and experience implementing controls to ensure compliance.
• Excellent written and oral communication skills.

#LI-MH1

-------------------------------------------

The salary range for this position is: $ 137,126.93 - $ 172,873.06.

The salary range information provided, reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual salary will be commensurate with skills, experience, certifications or licenses and other relevant factors. In addition, this role will be eligible to participate in either the annual performance bonus or commission program, determined by the nature of the position.

At Blue Yonder, we care about the wellbeing of our employees and those most important to them. This is reflected in our robust benefits package and options that includes:

• Comprehensive Medical, Dental and Vision

• 401K with Matching

• Flexible Time Off

• Corporate Fitness Program

• A variety of voluntary benefits such as; Legal Plans, Accident and Hospital Indemnity, Pet Insurance and much more

At Blue Yonder, we are committed to a workplace that genuinely fosters inclusion and belonging in which everyone can share their unique voices and talents in a safe space. We continue to be guided by our core values and are proud of our diverse culture as an equal opportunity employer. We understand that your career search may look different than others, and embrace the professional, personal, educational, and volunteer opportunities through which people gain experience.

Our Values

If you want to know the heart of a company, take a look at their values. Ours unite us. They are what drive our success - and the success of our customers. Does your heart beat like ours? Find out here: Core Values

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.