IAM Engineer (Remote in the US)

Position Overview

We are growing! GuidePoint Security is hiring an IAM Engineer / Access Management Operations Developer to join our implementation team on a full-time basis. This is a fully remote role where we are looking for deep expertise in IAM development, DevOps practices, and code operationalization, combined with hands-on implementation experience across multiple IAM platforms.

The IAM Engineer / Access Management Operations Developer is a hybrid role where you will split your time between two critical functions:50% of your time will be dedicated to development activitiesincluding building reusable code assets, establishing internal development standards, and creating web services and automation solutions.The other 50% of your time will be focused on administrator and implementation tasksfor Okta, Ping Identity, and Microsoft Entra ID platforms, working directly with clients to deploy and configure IAM solutions.

This role ensures that custom code, integrations, and automation developed for client engagements are properly sanitized, documented, and stored in internal repositories for reuse across future projects. You will also provide hands-on implementation support, configuring IAM platforms and ensuring successful delivery of client projects.

Key Responsibilities

Code Development & Web Services (25% of role)

• Develop custom web services including Secure Token Service (STS) capabilities for authentication and authorization workflows
• Build custom integrations and automation using API development languages including Python, JavaScript/Node.js, PowerShell, Java, and REST APIs
• Develop complex Okta Workflows including custom connectors, helper flows, and API integrations
• Create Auth0 Action Scripts for custom authentication and authorization logic
• Develop PingFederate custom adapters and integration kits
• Build custom connectors and integrations for Okta, Auth0, Ping Identity, and Microsoft Entra ID platforms
• Develop API gateways, middleware solutions, and identity federation components
• Create automation scripts for identity lifecycle management, provisioning, and access governance

Code Operationalization & Repository Management (25% of role)

• Establish and maintain a sanitized internal code repository for Access Management practice assets
• Develop standards and procedures for code sanitization, ensuring all client-specific information is removed before code is stored internally
• Create reusable code libraries, templates, and frameworks from client engagement deliverables
• Build and maintain a catalog of reusable code assets including:




• Okta Workflows templates and custom connectors
• Auth0 Action Scripts libraries
• PingOne DaVinci automation libraries
• PingFederate custom adapters
• API integration patterns and middleware components
• Automation scripts and helper utilities




• Implement version control best practices using Git and establish branching strategies
• Develop documentation standards for all code assets including usage guides, API documentation, and implementation examples
• Create code review processes and quality assurance standards for internal code contributions

IAM Platform Administration & Implementation (50% of role)

• Deploy, configure, and manage Auth0 tenants including user stores, connections, APIs, and applications for client CIAM implementations
• Implement Auth0 Universal Login experiences with custom branding, MFA, and passwordless authentication flows
• Configure Auth0 Organizations for B2B CIAM scenarios including multi-tenant architectures and organization-level policies
• Design and implement customer identity and access management (CIAM) solutions using Auth0 for consumer-facing applications and digital experiences
• Build and configure Auth0 Actions pipelines for custom authentication and authorization logic in login, registration, and post-login flows
• Implement social identity providers (Google, Facebook, Apple, etc.) and enterprise connections for customer authentication
• Configure Auth0 APIs and Machine-to-Machine (M2M) authentication for secure API access management
• Deploy and manage Okta environments including Universal Directory, Lifecycle Management, Workflows, and API Access Management for client implementations
• Implement and configure Okta Access Gateway (OAG) solutions for header-based authentication and legacy application integration
• Deploy and configure Ping Identity solutions including PingFederate, PingOne, and PingAccess for client environments
• Implement and manage Microsoft Entra ID (formerly Azure AD) including Conditional Access, Identity Protection, and application integrations
• Configure Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Adaptive Authentication across client application portfolios
• Implement progressive profiling, user consent management, and privacy controls for CIAM use cases
• Design and implement customer registration and onboarding flows with email verification, social sign-up, and self-service account management
• Configure Auth0 user migration strategies including bulk imports, trickle migration, and automatic migration from legacy identity systems
• Implement user lifecycle governance including provisioning, deprovisioning, and access certification workflows
• Configure authentication policies, authorization rules, and security controls for client deployments
• Integrate IAM platforms with AD/LDAP, cloud directories, SCIM provisioning, SAML/OIDC applications, and cloud services (AWS/Azure/GCP)
• Implement customer data synchronization between Auth0 and CRM systems, marketing platforms, and customer data platforms (CDPs)
• Configure Auth0 log streaming to SIEM solutions and analytics platforms for customer behavior monitoring
• Perform platform administration tasks including user management, group management, policy configuration, and troubleshooting
• Support client implementations by configuring applications, testing integrations, and resolving technical issues
• Provide technical support during client onboarding and post-implementation phases

Project Oversight & Client Success

• Lead technical architecture on very large and complex IAM transformation projects
• Provide both strategic and tactical oversight on either a single large client engagement or multiple smaller projects concurrently
• Provide technical guidance and mentorship to delivery team members
• Identify and mitigate technical and project risks, escalating issues when necessary
• Develop and refine standard operating procedures (SOPs) and templates to improve consistency and quality across engagements
• Create and maintain technical architecture documentation, implementation guides, and best practice frameworks

Minimum Qualifications

• Bachelor's degree in Computer Science, Software Engineering, Information Security, or related field - or equivalent work experience
• 3-5+ years of experience in software development and IAM platform administration
• Strong proficiency in multiple programming languages including Python, JavaScript/Node.js, and PowerShell
• Hands-on experience with REST API development and integration
• Hands-on experience administering and implementing Okta including Universal Directory, Lifecycle Management, SSO, and MFA configuration
• Experience with Ping Identity platform administration (PingFederate, PingOne, or PingAccess)
• Experience with Microsoft Entra ID (formerly Azure AD) administration including user management, Conditional Access, and application integration
• Experience with Okta Workflows development including custom connectors and API integrations
• Experience developing custom code for IAM platforms such as Okta, Auth0, or Ping Identity
• Strong understanding of Git version control and repository management
• Experience with CI/CD pipelines and DevOps practices
• Deep knowledge of SSO protocols (SAML, OIDC, OAuth), authentication flows, and access management concepts
• Experience with code sanitization and creating reusable code libraries
• Strong documentation skills and ability to create technical guides and standards
• Understanding of secure coding practices and application security principles
• Ability to balance development work with hands-on implementation and client support activities

Preferred Qualifications

• 3-5+ years of IT Professional services and consulting experience
• Experience building Secure Token Service (STS) or similar authentication web services
• Advanced experience with Okta Workflows including error handling, performance optimization, and complex automation
• Experience developing Auth0 Action Scripts, Rules, or Hooks
• Experience developing PingFederate custom adapters or integration kits
• Advanced experience with Microsoft Entra ID custom development and automation
• Experience with multiple IAM platforms in both development and administration capacities
• Proficiency in additional programming languages such as Java, or Go
• Experience with Infrastructure as Code tools (Terraform, CloudFormation, Ansible)
• Experience with containerization and orchestration (Docker, Kubernetes)
• Experience establishing internal code repositories and developer portals
• Knowledge of API security best practices and OAuth 2.0 / OpenID Connect implementation
• Experience with automated testing frameworks (Jest, PyTest, JUnit)
• Experience with secrets management solutions (HashiCorp Vault, AWS Secrets Manager, Azure Key Vault)
• Experience with Windows/Linux server administration and Active Directory
• Professional certifications such as:
• Okta Certified Professional / Okta Certified Administrator / Okta Certified Developer
• Ping Identity certifications
• Microsoft Certified: Identity and Access Administrator Associate
• Auth0 certifications
• AWS Certified Developer or Azure Developer Associate
• Security+, CISSP, or similar

The Team

Coming to the Access Management team means working on the leading edge in the IAM space. As an IAM Engineer / Access Management Operations Developer, you will be partnering with architects and engineers to build the code foundation that powers our IAM implementations for some of the largest companies in the US, while also getting hands-on experience implementing and configuring IAM platforms for clients. This unique hybrid role allows you to both create innovative development solutions and see them deployed in real-world enterprise environments.

You will play a critical role in operationalizing our development efforts, ensuring that the innovative solutions we create for clients become reusable assets that accelerate future engagements and improve delivery quality. Your work will directly impact the efficiency and consistency of our practice, while your hands-on implementation experience will keep you connected to real client challenges and emerging CIAM trends.

We partner with the largest vendors in the space to ensure that the latest training is always available to our team. High level communication and collaboration are the standard. Mentorship at all levels, from Senior Architects to Junior Engineers, is foundational to our culture. We don't just talk about work life balance; we facilitate it with an unlimited PTO benefit.

We understand that in order to retain our talented team, leadership must provide regular feedback and coaching. We recruit new members to the team with the understanding that opportunities for growth are important. Whether your goals include future leadership opportunities, becoming an Architect or even moving to another discipline within security in time, the leadership team is focused on partnering with you to help achieve them.