Position: Identity and Access Management (IAM) Engineer

Location: Chicago, IL

Salary Range: 125k-145k

Benefits: This position is eligible for medical, dental, vision, and 401(k)

Position Summary:

We are seeking a skilled and detail-oriented Identity and Access Management (IAM) Engineer to join our security team. This role is critical in ensuring secure, compliant, and efficient access to systems and data across the organization. The IAM Engineer will be responsible for designing, implementing, and maintaining IAM solutions, supporting authentication and authorization mechanisms, and enforcing least-privilege access models.

Key Responsibilities:

• Design, implement, and maintain IAM systems, including identity lifecycle management, access provisioning/de-provisioning, single sign-on (SSO), and multi-factor authentication (MFA).
• Develop and enforce access control policies, role-based access models, and least privilege principles.
• Manage identity lifecycle processes across internal and external systems (e.g., onboarding, offboarding, access reviews).
• Support directory services integration (e.g., Active Directory, Azure AD, LDAP).
• Collaborate with application owners and IT teams to onboard systems to IAM platforms and ensure secure access controls.
• Conduct periodic access certifications and audits; support compliance requirements (SOX, HIPAA, GDPR, etc.).
• Troubleshoot and resolve IAM-related incidents and requests.
• Assist in the evaluation and implementation of new IAM tools and technologies.
• Develop and maintain documentation related to IAM policies, procedures, and configurations.

Qualifications

• Required:
  • Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field—or equivalent work experience.
  • 3–5+ years of experience in identity and access management or related information security role.
  • Hands-on experience with IAM tools (e.g., Okta, Azure AD, SailPoint, CyberArk, or similar).
  • Solid understanding of access control models (RBAC, ABAC, PBAC), LDAP, SAML, OAuth2, and OpenID Connect.
  • Experience integrating IAM solutions with cloud platforms (AWS, Azure, GCP).
  • Proficient in scripting languages (e.g., PowerShell, Bash, Python).
  • Familiarity with security compliance frameworks and standards (NIST, ISO, PCI-DSS).
• Preferred:
  • Familiarity with Zero Trust architecture and security frameworks (NIST, ISO 27001).
  • Experience with cloud IAM (AWS IAM, Azure RBAC, GCP IAM).

Addison Group is an Equal Opportunity Employer. Addison Group provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws. Addison Group complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. Reasonable accommodation is available for qualified individuals with disabilities, upon request.