Job description
Join Quess as an Identity Access Management IAM Engineer in Makati City, Philippines. We are seeking a seasoned professional with 5+ years in IAM engineering or a closely related role to design, implement, and optimize secure access controls across cloud and on premises environments.
In this role, you will own the identity lifecycle, access governance, and policy enforcement across multiple platforms. You will implement and manage SSO, MFA, and privileged access management solutions, ensuring users have the right access at the right time while maintaining the highest security standards. You will collaborate with security, IT operations, and application teams to integrate IAM across apps and services, automate provisioning and de provisioning, and drive continuous improvement through metrics and audits.
Quess offers a dynamic, globally connected environment where you can grow your expertise in IAM technologies such as Azure AD, Okta, Ping Identity, AWS IAM, and cloud based PAM, while contributing to secure digital experiences for clients and colleagues.
If you are passionate about security and identity, this is a fantastic opportunity to advance your career with a forward thinking team at Quess.
Responsibility
- Lead design, implementation, and ongoing optimization of IAM architectures, including SSO, MFA, and PAM across cloud and on premise environments.
- Manage identity lifecycle, user provisioning and de provisioning, access reviews, and RBAC with automation where possible.
- Configure and maintain identity providers such as Azure AD, Okta, Ping Identity, and AWS IAM; support SCIM provisioning and de provisioning.
- Implement privileged access management and just in time access controls to minimize risk.
- Monitor, alert, and respond to access anomalies; perform regular audits and compliance reporting (ISO 27001, PCI DSS, NIST as applicable).
- Collaborate with security, IT operations, and application teams to integrate IAM into DevOps and software delivery pipelines.
- Develop and maintain runbooks, standards, and documentation; participate in change management and incident response related to IAM.
- Mentor junior engineers, contribute to security training, and drive continuous improvement through metrics and automation.
Qualification
- 5+ years of experience in Identity and Access Management engineering or a closely related role.
- Hands on experience with IAM technologies (Azure AD, Okta, Ping Identity, AWS IAM, Google Cloud IAM) and SSO protocols such as SAML 2.0 and OIDC.
- Strong knowledge of privileged access management, MFA, and identity governance.
- Automation and scripting skills (PowerShell, Python, or similar) for IAM tasks and remediation.
- Solid understanding of RBAC/ABAC, access reviews, and identity lifecycle management; familiarity with regulatory frameworks and audit requirements.
- Excellent communication, collaboration, and problem solving skills; ability to work with cross functional teams in a fast paced environment.
- Bachelor's degree in Computer Science, Information Technology, or a related field; relevant IAM certifications (eg CISSP, CISM, CISA) are a plus.
- Experience in a multinational or outsourcing environment is a plus.