Piper Companies is seeking an experienced  Identity and Access Management (IAM) Engineer  to join a leading cybersecurity team supporting enterprise-scale IAM operations. This  hybrid role is based out of  Reston, VA , offering a mix of onsite collaboration and remote flexibility. The position focuses on the security, scalability, and operational excellence of IAM systems across a complex infrastructure. The ideal candidate will bring deep technical expertise in IAM platforms, cloud integrations, and security frameworks, while also mentoring junior engineers and collaborating across teams. Responsibilities of the IAM Engineer include:

Administer and support IAM systems, ensuring performance, integration, and security. Design and manage Single Sign-On (SSO) solutions using Ping Identity. Lead development and integration of Multi-Factor Authentication (MFA) strategies. Implement Identity Governance and Administration (IGA) projects using SailPoint, including application onboarding, access certifications, and lifecycle management. Oversee Privileged Access Management (PAM) deployments to secure critical systems and monitor privileged access. Align IAM architecture with security frameworks such as NIST and CIS, supporting strategic planning and compliance. Collaborate with cross-functional teams and vendors to assess technologies and drive procurement decisions. Mentor junior engineers and communicate IAM strategies across technical and non-technical audiences. Maintain operational documentation using tools like Confluence Wiki. Qualifications for the IAM Engineer include :

Bachelor’s degree in Computer Science, Information Technology, or a related field. 8+ years of experience in IT with a focus on IAM security architecture and platform administration. Certifications such as CIAM, CISSP, or vendor-specific IAM credentials. Proficiency in Java, Python, and Ansible. Expertise in SSO, MFA, IGA, PAM, and IAM protocols like SAML, OAuth, and OIDC. Experience with Ping Identity, SailPoint IdentityIQ, and REST API integrations. Familiarity with cloud-based IAM in AWS, Azure, or similar platforms. Strong understanding of IAM in high-availability, global infrastructures, and proactive defense against cyber threats. SailPoint Certified IdentityIQ Engineer preferred. IMI certifications or training a plus. Compensation for the Resident Network Engineer includes: Salary Range: $, - $, Comprehensive Benefits: Medical, Dental, Vision, K, PTO, Sick Leave if required by law, and Holidays Keywords: #LI-CG1 #LI-HYBRID

IAM Engineer, Identity and Access Management, Ping Identity, SailPoint, IdentityIQ, SSO, MFA, PAM, IGA, Cybersecurity, Security Architecture, Authentication, Authorization, SAML, OAuth, OIDC, REST API, Java, Python, Ansible, Azure, AWS, Cloud IAM, Privileged Access, Application Onboarding, Access Certification, Lifecycle Management, NIST, CIS, Confluence, CIAM, CISSP, IAM Compliance, IAM Operations, IAM Strategy, IAM Integration, IAM Automation, IAM Governance, IAM Security Protocols, IAM Engineering, IAM Infrastructure, Hybrid Role, Security Engineer, Cloud Security, SIEM, XDR, IAM Monitoring, Identity Lifecycle, Role-Based Access Control, RBAC, Least Privilege, Zero Trust Architecture,