Cybersecurity IAM Engineer

Location: Monterrey, Nuevo León, Mexico (Hybrid - candidates must reside in Monterrey or the metropolitan area)

Language requirement: Fluent English (spoken and written)

We are seeking a Cybersecurity IAM Engineer to design, implement, and optimize identity and access solutions across our global infrastructure. This role plays a key part in securing user and system identities across Okta, Azure AD, Active Directory, and AWS IAM, enabling secure digital operations while enforcing Zero Trust and least privilege at scale.

As an IAM Engineer, you'll go beyond processing tickets—you'll build automations, optimize SSO and federation integrations, enforce policy controls through scripting, and work with cross-functional teams to secure identity lifecycles across IT and OT environments. Come and join a great team who are driving tomorrow's cybersecurity.

• Design, implement, and maintain IAM solutions across Okta, Azure AD, Active Directory, and AWS IAM
• Integrate and manage SSO and MFA for cloud and on-prem applications using SAML, OAuth, WS-Federation, and SCIM
• Automate identity workflows, group assignments, access revocations, and certification campaigns using tools like PowerShell, Python, or Okta Workflows
• Enforce access controls aligned to Zero Trust, RBAC, and JML (Joiner-Mover-Leaver) lifecycle policies
• Harden IAM configurations in hybrid environments (e.g., password policies, conditional access, privileged account handling)
• Participate in the evaluation and integration of IAM-related technologies and security enhancements
• Collaborate with IT, cloud, HRIS, and security engineering teams to embed identity governance in enterprise systems
• Assist with privileged access management (PAM), identity federation design, and directory service integrations
• Support audit and compliance efforts by maintaining evidence, resolving control gaps, and improving access visibility
• Other duties as assigned by organization leadership

• Possess strong communications and interpersonal skills in English
• Self‑directed, organized, and able to manage multiple priorities
• Strong ability to work collaboratively with others, to influence based on knowledge and experience
• Strong experience with identity platforms: Okta, Azure AD, Active Directory, AWS IAM
• Hands‑on knowledge of authentication standards: SAML, OAuth, OIDC, WS‑Federation
• Proficiency in scripting or automation (e.g., PowerShell, Python, Bash)
• Experience with identity lifecycle automation, group policy management, and access governance tooling
• Working knowledge of federated identity, MFA, conditional access, and directory sync processes
• Familiarity with IAM‑related components of frameworks like NIST CSF, ISO 27001, and CIS Controls

• Certifications: Okta, Azure, CompTIA Security or similar
• Experience with identity governance platforms
• Familiarity with compliance frameworks such as NIST CSF, ISO 27001, CIS Controls, or SOX
• Experience with identity governance platforms and PAM solutions
• Familiarity with AI or LLM tooling for identity analytics, automation, or anomaly detection

• Build identity security controls at global scale for a diversified energy and technology leader
• Be part of a security team driving Zero Trust transformation across IT and OT
• Use modern IAM platforms with the freedom to innovate and automate