Senior Identity and Access Management Engineer
140k - 170k USD
Remote
Full Time
#Information Security
#IAM
#Azure
#AWS
#SSO
#MFA
KBRA Holdings, LLC is a full-service credit rating agency operating across the U.S., the EU, the UK, and Canada, providing essential structured finance ratings for global investors. We are looking for a Senior Identity and Access Management Engineer to join our Information Security team and design a modern, secure framework for authentication and authorization across our entire business.
Responsibilities
- Design and oversee comprehensive IAM projects from initial planning through to final implementation.
- Develop technical architecture for a global workforce, focusing on SSO, MFA, zero trust network access, and privileged account management.
- Manage the full identity lifecycle, including onboarding, offboarding, and role-based changes.
- Collaborate with leadership to align IAM models with our organizational risk posture.
- Create and maintain detailed technical documentation, including architecture diagrams and operational configuration guides.
- Strategize for hybrid infrastructure, supporting both on-premises and cloud-based applications for our remote workforce.
- Perform business impact analyses and risk assessments to recommend security improvements.
- Define key performance indicators and operational metrics to validate system success and identify areas for growth.
- Partner with incident responders to address potential security events and escalate issues when necessary.
- Ensure all access policies and controls are documented and audit-ready.
Must-haves
- Seven to ten years of experience in cybersecurity administration, with at least three years specifically as an IAM practitioner.
- Subject matter expertise in directory services, Microsoft Azure, AWS, SSO, MFA, and role-based access control.
- Strong understanding of IAM protocols such as SAML, SCIM, OAuth, OpenID, and Kerberos.
- Knowledge of cloud computing architecture, including IaaS, PaaS, and SaaS models.
- Experience with security governance, risk management, and access control fundamentals.
- Proficiency in scripting languages like Python, PowerShell, or Bash.
- Excellent communication skills and the ability to explain complex technical concepts to various stakeholders.
Nice-to-haves
- A bachelor’s degree in computer science, information assurance, or a related technical field.
- Professional certifications such as CISSP, CISM, CAMS, CIDPRO, or specific AWS/Azure security credentials.
- Hands-on experience with modern IAM platforms like Okta, Auth0, Ping Identity, or ForgeRock.
- Familiarity with IT service management tools and processes.
Benefits
The annual base salary for this position is $140,000 to $170,000.
- Comprehensive paid time off and leave programs.
- 401(k) plan with an employer match that is 100% vested.
- Financial support for professional development and education.
- Employee referral bonus program.
- Company-provided cell phone.
- Remote work flexibility.
KBRA
5 views



