We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM.
Digital Identity IAM Manager (AM, PAM & IGA)
We are seeking a skilled and motivated IAM Engineering Manager to join our Digital Identity team. This role focuses on designing, implementing, and enhancing Identity and Access Management solutions across Access Management (AM), Privileged Access Management (PAM), and Identity Governance & Administration (IGA) platforms.
The ideal candidate will possess strong technical expertise in IAM technologies, automation skills, and experience integrating identity solutions across enterprise environments (cloud and on-premises).
Key Responsibilities
Access Management (AM)
• Design and implement Single Sign-On (SSO), Multi-Factor Authentication (MFA), and federation solutions using SAML, OAuth 2.0, OIDC, and WS-Fed protocols.
• Integrate enterprise and third-party applications with IAM platforms such as Microsoft Entra ID, Okta, or Ping Identity.
• Configure Conditional Access policies and authentication flows based on security best practices.
• Troubleshoot authentication, federation, and token-related issues.
• Configure custom user journeys and custom policies (Trust Framework) for sign-up, sign-in, password reset, and profile management.
• Design and implement Customer Identity and Access Management (CIAM) solutions using Microsoft Entra ID B2C (Entra External ID) or equivalent CIAM platforms.
Privileged Access Management (PAM)
• Implement and manage privileged access solutions such as CyberArk, BeyondTrust, or Delinea. • Configure vaulting, session management, privileged account onboarding, and password rotation policies.
• Develop automation for privileged account lifecycle management and access approvals. • Implement least privilege and Zero Trust principles for administrative access.
Identity Governance & Administration (IGA)
• Deploy and manage IGA platforms such as SailPoint, Saviynt, or Microsoft Entra ID Governance. • Design and maintain access request workflows, approval processes, and certification campaigns. • Implement automated Joiner-Mover-Leaver (JML) processes. • Perform access reviews, entitlement analysis, and SoD (Segregation of Duties) monitoring.
Automation & Integration
• Develop scripts using PowerShell, Python, or REST APIs to automate IAM processes and integrations. • Integrate IAM solutions with HR systems, ITSM tools, and enterprise applications. • Build connectors and workflows for automated provisioning/de-provisioning. • Support CI/CD pipelines for IAM configuration deployment. • Implement Zero Trust architecture principles and identity-first security models. • Conduct architecture reviews and recommend improvements aligned with industry best practices. • Conduct periodic risk assessments related to identity and privileged access. • Support audit activities and provide documentation for compliance requirements.
• Develop and execute test cases for IAM workflows, integrations, and policy configurations. • Validate access controls and authentication flows to ensure secure deployment. • Conduct penetration testing support and remediation for identity-related vulnerabilities.
Leadership & Team Management
• Lead, mentor, and manage a team of IAM engineers and analysts. • Define team goals, KPIs, and performance objectives aligned with security strategy. • Conduct performance reviews, coaching sessions, and skill development planning. • Manage resource allocation, capacity planning, and project prioritization. • Drive a culture of automation, innovation, and continuous improvement.
Qualifications
• Bachelor’s degree in Computer Science, Cybersecurity, or related field (or equivalent experience). • 12+ years of hands-on experience in IAM (AM, PAM, IGA). • Strong understanding of authentication protocols (OAuth 2.0, OIDC, SAML, LDAP, Kerberos). • Experience with directory services (Active Directory, Azure AD/Entra ID). • Proficiency in scripting/automation (PowerShell, XML, Python). • Experience integrating enterprise applications with IAM platforms. • Strong troubleshooting and analytical skills. • Excellent communication and documentation abilities.
Preferred Qualifications
• Vendor-specific certifications (CyberArk, SailPoint, Entra ID). • Familiarity with Zero Trust architecture frameworks. • Experience working in MSSP or large enterprise environments.
At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html
RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation.
Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com
Stay Alert: Avoid Recruitment Scams
Across industries, cybercriminals are posing as company recruiters using fake job postings and employment offers to trick people into providing personal information or payment. Be alert and never provide personal/financial information or payment to anyone claiming to offer a job opportunity. During the recruiting process, RSM US will never:
• Ask you for payment to process documents, purchase equipment, or for any other reason.
• Request your banking or credit card information
• Send you a check to purchase your own equipment
If you believe you are a victim of a job scam, it’s recommended that you report it to law enforcement, contact your financial institution and notify the website in which the job was listed.
---
RSM is the leading provider of assurance, tax and consulting services to the middle market. With over 17,000 professionals across the U.S. and Canada and a global presence in 120 countries, our purpose is to deliver the power of being understood to our clients, colleagues and communities. As first-choice advisors, we are focused on developing leading professionals and innovative services to meet our clients’ evolving needs in today’s ever-changing business environment.
At RSM, we strive to deeply understand the full picture of an employee’s individual skills and passions. Our culture empowers you to own your career to reach your goals and make a meaningful impact on the world around you. Gain limitless opportunities to grow forward personally and professionally. Don’t just go forward. #GrowForwardatRSM
For more information, visit rsmus.com
Learn how you can #GrowForwardatRSM visit www.rsmus.com/careers
