Sr Cybersecurity Engineer, Identity & Access Management (IAM)

Location: Monterrey, Mexico

Role: Sr. Security Engineer, IAM

Blue Yonder Job Profile: Sr. Security Engineer

Blue Yonder is a global leader in digital supply chain transformation, empowering the world’s most recognized brands with AI‑driven platforms and end‑to‑end visibility. As we continue strengthening our global security posture, we are investing heavily in modern identity‑first defense strategies—and this role will play a key part in that mission.

We are seeking a Senior Cybersecurity Engineer, Identity & Access Management (IAM) who will drive our enterprise Identity Governance and Administration (IGA) program and influence identity strategy across the organization. In this role, you will architect and engineer secure identity solutions that scale, reduce risk, and support business agility across hybrid and multi‑cloud environments. You will work hands‑on with leading IGA and IAM technologies—shaping identity lifecycle management, modern access control models, and governance workflows that protect users, applications, and data globally.

This is a high‑impact opportunity for someone who enjoys building, automating, and improving IAM capabilities at scale. You will collaborate across security, engineering, cloud, and application teams to standardize identity integrations, enforce policy, advance Zero Trust principles, and help mature identity security as a cornerstone of Blue Yonder’s cybersecurity strategy.

• Design, implement, and maintain Identity Governance and Administration (IGA) solutions, including user lifecycle management, access certification workflows, and automated provisioning/deprovisioning processes
• Support mentorship of more junior team members and upleveling the overall technical skill of the identity and access management team
• Identify strategic gaps in identity governance capabilities, analyzing current state and recommending improvements to IAM roadmaps and organizational identity strategy
• Collaborate with cross‑functional teams to integrate IAM best practices into application development, cloud deployments, and system architecture, ensuring secure identity integration across environments
• Develop and maintain IAM automation tools for identity lifecycle management, access reviews, policy enforcement, and continuous identity risk assessment
• Monitor and remediate identity‑related vulnerabilities, excessive privileges, and policy violations from IGA platforms, identity scanners, and access analytics tools
• Stay current with emerging IAM technologies, identity standards (SAML, OAuth, OIDC), and governance frameworks, influencing organizational identity architecture with industry best practices
• Support the detection, investigation, and resolution of identity‑related security incidents, including compromised accounts and unauthorized access events
• Configure and optimize identity management platforms, directory services, privileged access management solutions, and identity analytics tools
• Support compliance efforts (SOX, PCI‑DSS, ISO 27001, SOC 2) by implementing identity controls, access governance reporting, and audit capabilities for regulatory requirements
• Document IAM policies, identity governance processes, access standards, and identity architecture diagrams

• Azure AD / Entra ID, AWS IAM, GCP IAM, Oracle IAM
• Federation & SSO: SAML, OAuth, OIDC, SCIM
• IGA / IAM / PAM: Saviynt, Delinea

• SIEM/EDR/XDR (Splunk, Sentinel, CrowdStrike, etc.)
• Identity threat analytics and access risk tooling

• PowerShell, Python, REST / SCIM / Graph / SOAP APIs
• CI/CD & automated identity workflows (provisioning, access certs, lifecycle)

• RBAC / ABAC, SoD, Zero Trust, MFA, Conditional Access, Access Certification

• 5+ years of experience in Identity and Access Management, Security Engineering, or IAM‑focused technical roles with hands‑on IGA platform experience
• Expert knowledge of Identity Governance and Administration platforms (e.g., SailPoint, Saviynt, Oracle IGM, Microsoft Identity Manager) and their implementation across enterprise environments
• Deep understanding of IAM fundamentals including identity lifecycle management, access certification, role‑based access control (RBAC), attribute‑based access control (ABAC), and segregation of duties (SoD) enforcement
• Strong experience with cloud IAM services across AWS, Azure, and GCP, including identity federation, directory integration, and cross‑platform identity governance
• Proficient with identity‑related scripting and automation (e.g., PowerShell, Python, REST APIs) for IGA workflows, identity connectors, and access provisioning processes
• Experience implementing IAM solutions in fast‑paced or highly regulated environments (finance, healthcare, SaaS, etc.) with demonstrated ability to manage complex identity governance requirements and regulatory compliance at enterprise scale.

• Hands‑on experience with any of the following:
  • Saviynt IGA Platform
  • IAM Lifecycle Automation
  • API Integrations (REST, SOAP, GraphQL, Webhooks)
  • AI‑integrated workflows
• Experience leading organization wide initiatives and driving security outcomes that empower business goals.

If you want to know the heart of a company, take a look at their values. Ours unite us. They are what drive our success – and the success of our customers. Does your heart beat like ours? Find out here: Core Values

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.