Senior SailPoint Engineer – ISC, IIQ
Posted 20hrs ago
Job Description
Senior SailPoint Engineer managing ISC/IIQ identity programs remotely. Handling escalations, optimizing production, and driving enhancements.
Responsibilities:
- This position will be fully remote and can be hired anywhere in the continental U.S.
- Handle escalations from Tier 1, stabilize and optimize production, and drive small/medium enhancements.
- Keep identity lifecycle, access requests, certifications, and policy enforcement humming, with operational discipline, measurable SLAs, and crisp client communication.
- Build and optimize workflows, transforms, and policies (SoD, RBAC) in IIQ and ISC.
- Monitor and resolve aggregations, account correlations, provisioning failures, and campaign anomalies; tune schedules and thresholds.
- Maintain and troubleshoot Virtual Appliance (VA) health, connector upgrades, and connectivity (e.g., AD/Entra, HRIS, SaaS apps, databases).
- Build and maintain Workflows (low code), Transforms, policies (SoD, separation of function), and request/catalog items.
- Run monthly health checks and deliver operational reports (KPIs, trendlines, incidents, changes, and risk/compliance signals).
- Act as escalation for Tier 1: triage, contain, and restore; perform root cause analysis and implement durable fixes.
- Create and improve runbooks/SOPs; automate recurring fixes and checks.
- Plan and execute low-risk changes (connector tuning, attribute mappings, workflow edits, catalog updates) within ITSM guardrails.
- Contribute to release readiness: sandbox validation, UAT coordination, deployment notes, and rollback plans.
- Translate operational signals into clear actions for client IAM owners and app teams.
- Advise on access modeling (Access Profiles vs. Roles), campaign design, and birthright vs. requestable access.
- Provide backlog intake sizing for Tier-3/architecture where code or complex redesigns are required.
- Okta/Entra ID Integration experience: Govern downstream via SCIM/API targets; align joiner/mover/leaver flows; validate group/entitlement posture.
- CyberArk (PAM) Integration experience: Support governance integrations (e.g., safe/platform entitlement visibility, request/approval via SailPoint); assist with out-of-band privilege variance findings and clean-up campaigns.
- Feed events and metrics to SIEM/SOC (webhooks/API), enrich tickets with context, and contribute to correlation use-cases (e.g., excessive privilege anomalies, orphan/rogue accounts).
- Partner with compliance teams on attestation evidence, control testing cadence, and audit responses.
Requirements:
- 5+ years of verifiable IAM operations/consulting experience, with at least 2 years hands-on in SailPoint IIQ and ISC in production.
- Recent (≤12 months) hands-on experience with SailPoint ISC/IDP in a production setting.
- Proven Tier-2 ownership of aggregations, correlation, provisioning, certifications, workflow/transform tuning, catalog & access model hygiene, and VA/connector health.
- Solid grasp of identity lifecycle (joiner/mover/leaver), request/approval patterns, SoD policy design, and RBAC in large, distributed environments.
- Comfortable with logs, metrics, and MTTR/SLAs; can turn noisy failures into stable automation.
- Strong written/verbal communication—clear incident timelines, executive-level status, and precise change plans.
- Familiarity with Entra ID/AD, HR sources, and common SaaS targets from an IIQ connector perspective.
- SailPoint IIQ (Workflows, Access Requests, Certifications, Identity & Access Profiles, Transforms, Policies, Reports)
- Virtual Appliances, connector logs, account activity, and provisioning task views
- ITSM (ServiceNow/Jira), Confluence/knowledge base, basic API tooling (Postman/Curl) for IIQ v3 endpoints
- Basic scripting for ops automation (PowerShell or Python) and CSV/data fixes where appropriate
- Okta (governance targets via SCIM/API; SSO basics helpful but not the focus) - preferred
- CyberArk governance integration (safe/platform entitlement visibility and request flows) - preferred
- Cloud platforms (AWS/GCP) as identity sources/targets - preferred
- Security/compliance context: SOC 2, SOX, HIPAA, PCI; evidence packaging for audits - preferred
- Certifications (SailPoint, Microsoft, ISC²) - preferred
Benefits:
- A company committed to our inclusive value through our Employee Resource Groups
- Work/life balance
- Professional training resources
- Creative problem-solving and the ability to tackle unique, complex projects
- Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.
- The ability and technology necessary to productively work remotely/from home (where applicable)

















