ForgeRock Identity and Access Management Engineer

Position is bonus eligible.

Prestigious Financial Institution is seeking a Senior Identity and Access Management Engineer with strong ForgeRock experience. The candidate will be responsible for access control and related programs, supporting applications like ForgeRock, SailPoint, and Duo. The role emphasizes integrating internal applications with the ForgeRock Identity suite using OAuth methodologies and custom scopes, collaborating with application development teams and enterprise architecture. Team members will work on IAM system design, implementation, and operational support, as well as assist with compliance, control evaluation, and audit evidence gathering.

• Perform primary duties satisfactorily, including administration and configuration of IAM products, especially ForgeRock Identity.
• Develop custom integrations, workflows, and rules using Agile methodologies.
• Plan, implement, enforce, and review security policies, procedures, and controls specific to IAM.
• Process access requests and issue tickets for internal and external customers.
• Lead troubleshooting and resolution of system issues affecting enterprise production.
• Manage project phases from design to deployment.
• Report on controls, gather evidence, and ensure control execution.
• Collaborate across IT and Business departments to implement technical solutions.
• Monitor, evaluate, and maintain systems to enforce best practices for user access control.
• Research and implement changes to enhance system security.
• Communicate security policies and procedures to users.
• Assist customers with multi-platform security access issues.
• Identify or develop tools to monitor and manage risk.
• Support management with special projects and additional duties as needed.

• Proven ability to report on controls, gather evidence, and execute controls effectively.
• Experience working across IT and Business units to implement solutions.
• Ability to monitor and evaluate systems to uphold access management best practices.
• Knowledge of security frameworks (e.g., NIST, COBIT).
• Experience supporting ForgeRock Identity Platform components.
• Familiarity with Multi-Factor Authentication systems (e.g., Duo, Entrust).
• Knowledge of Single Sign-On protocols (OIDC, OAuth2.0, SAML) and systems (Okta, Ping, Siteminder).
• Development skills in Java, JavaScript, Groovy, Python, and shell scripting.
• Understanding of Encryption and Network protocols (SSL, IPv4, HTTP).
• Basic Linux and Windows server administration knowledge.
• Familiarity with AWS and IT audit processes.
• Preferred skills include SailPoint Identity IQ, E-GRC/Archer, ServiceNow, Mainframe architecture, and Directory services.
• Bachelor’s degree in Computer Science, Engineering, or related field, or equivalent experience.
• 7+ years of IAM experience preferred.
• Industry certifications such as CISSP or ITIL are advantageous.