What are the responsibilities and job description for the IAM Engineer II position at Osaic?
Identity Access Management Opportunity in Financial Services
IAM Engineer II
Location(s):
Atlanta: 2300 Windy Ridge Pkwy SE, Suite750, Atlanta, GA 30339
La Vista:12325 Port Grace Blvd, La Vista, NE 68128
Oakdale: 7755 3rd St. N, Oakdale, MN 55128
Scottsdale: 18700 N Hayden Rd, Suite 255, Scottsdale, AZ 85255
St. Petersburg: 877 Executive Center Dr. W, Suite 300, St. Petersburg, FL 33702
Osaic has returned to the office on a hybrid schedule requiring a minimum of 4 days weekly in the office. Applicants should be located at one of our hubs listed above and must be willing to work this schedule.
Role Type: Full-time, Non-Exempt
Salary: $120,000 - $156,000 per year annual performance-based bonus
Actual compensation offered will be determined individually, based on a number of job-related factors, including location, skills, licensure, experience, and education.
Our competitive compensation is just one component of Osaic’s total compensation package. Additional benefits include health, vision, dental insurance, 401k, paid time away, volunteer days and much more. To view more details of what you can look forward to, visit our careers page: Osaic Benefits.
Summary
The IAM Engineer II is responsible for executing daily identity and access management operations across the identity management platforms. This role supports user onboarding/offboarding, Single Sign On (SSO) integrations, access requests, entitlement administration, and basic privileged access functions. The IAM Engineer II ensures that identity controls are applied consistently and securely, enabling reliable access for users while reducing risk to the organization. This position will report to the Head of IAM and Network Security Eng & Ops.
Education Requirements
Bachelor’s degree preferred, high school diploma (or equivalent) in combination with significant experience will be considered in lieu of degree. Minimum of high school diploma or equivalent is required.
Responsibilities
Osaic is an equal opportunity employer. We celebrate diversity in our workplace and we hire the most qualified candidates without regard for age, ethnicity, gender, gender identity or expression, language differences, nationality or national origin, family or marital status, physical, mental, and developmental abilities (or the perception of a disability), genetic information, race, religion or belief, sexual orientation, skin color, social or economic class, education, work and behavioral styles, political affiliation, military service, caste, or any other characteristic protected by law.
Eligibility
Applicants for employment in the US must have valid work authorization that does not now and/or will not in the future require sponsorship of a visa for employment authorization in the US by Osaic.
Unqualified Applications
Osaic does not consider applications from candidates who do not meet the minimum qualifications stated in the job posting.
Recruiting Agencies
Osaic only accepts candidates from contracted recruiting firms and only for searches approved prior to submissions. Fees will not be paid for unsolicited submissions.
IAM Engineer II
Location(s):
Atlanta: 2300 Windy Ridge Pkwy SE, Suite750, Atlanta, GA 30339
La Vista:12325 Port Grace Blvd, La Vista, NE 68128
Oakdale: 7755 3rd St. N, Oakdale, MN 55128
Scottsdale: 18700 N Hayden Rd, Suite 255, Scottsdale, AZ 85255
St. Petersburg: 877 Executive Center Dr. W, Suite 300, St. Petersburg, FL 33702
Osaic has returned to the office on a hybrid schedule requiring a minimum of 4 days weekly in the office. Applicants should be located at one of our hubs listed above and must be willing to work this schedule.
Role Type: Full-time, Non-Exempt
Salary: $120,000 - $156,000 per year annual performance-based bonus
Actual compensation offered will be determined individually, based on a number of job-related factors, including location, skills, licensure, experience, and education.
Our competitive compensation is just one component of Osaic’s total compensation package. Additional benefits include health, vision, dental insurance, 401k, paid time away, volunteer days and much more. To view more details of what you can look forward to, visit our careers page: Osaic Benefits.
Summary
The IAM Engineer II is responsible for executing daily identity and access management operations across the identity management platforms. This role supports user onboarding/offboarding, Single Sign On (SSO) integrations, access requests, entitlement administration, and basic privileged access functions. The IAM Engineer II ensures that identity controls are applied consistently and securely, enabling reliable access for users while reducing risk to the organization. This position will report to the Head of IAM and Network Security Eng & Ops.
Education Requirements
Bachelor’s degree preferred, high school diploma (or equivalent) in combination with significant experience will be considered in lieu of degree. Minimum of high school diploma or equivalent is required.
Responsibilities
- Automate Joiner/Mover/Leaver (JML) processes, including provisioning, de-provisioning, access requests, and access reviews.
- Ensure group based and role-based access is assigned accurately and timely.
- Troubleshoot identity issues such as failed provisioning tasks, directory sync, and entitlement assignments.
- Process access requests and approvals; maintain entitlement catalogs and birthright access definitions.
- Assist in quarterly and ad hoc access certification campaigns.
- Onboard applications to identity platforms using REST APIs and JSON field mapping.
- Onboard applications for SSO using standard SAML/OIDC templates.
- Ensure adherence to least privilege and separation of duties (SoD) requirements.
- Collect and maintain evidence for audits and identity reviews.
- Follow established change management, documentation, and incident management processes.
- Use PowerShell or basic REST API calls for simple identity queries or repeatable tasks.
- Maintain runbooks, knowledge base articles, and user facing guides.
- Participate in identity related incident handling and troubleshooting.
- All other duties as assigned.
- 1–3 years of experience in IT, security operations, or identity administration.
- Hands-on experience with user and group management.
- Familiarity with SAML, OIDC, and basic authentication/authorization principles.
- Understanding of IAM concepts such as MFA, RBAC, provisioning, and JML workflows.
- Basic scripting experience (PowerShell, Python, or similar).
- Strong analytical and troubleshooting skills; attention to detail.
- Ability to follow documented procedures and maintain accurate records.
- Experience with an IAM platform (provisioning, access requests, access reviews, connectors).
- Experience with onboarding applications for SSO.
- Exposure to PAM (Privileged Access Management) tools and workflows.
- Understanding of security frameworks and controls (least privilege, SoD, zero trust).
- Ability to read logs and debug authentication or provisioning errors.
- CompTIA Security , Microsoft SC-900, Microsoft SC-300, (ISC)² CC or SSCP
Osaic is an equal opportunity employer. We celebrate diversity in our workplace and we hire the most qualified candidates without regard for age, ethnicity, gender, gender identity or expression, language differences, nationality or national origin, family or marital status, physical, mental, and developmental abilities (or the perception of a disability), genetic information, race, religion or belief, sexual orientation, skin color, social or economic class, education, work and behavioral styles, political affiliation, military service, caste, or any other characteristic protected by law.
Eligibility
Applicants for employment in the US must have valid work authorization that does not now and/or will not in the future require sponsorship of a visa for employment authorization in the US by Osaic.
Unqualified Applications
Osaic does not consider applications from candidates who do not meet the minimum qualifications stated in the job posting.
Recruiting Agencies
Osaic only accepts candidates from contracted recruiting firms and only for searches approved prior to submissions. Fees will not be paid for unsolicited submissions.
Salary : $120,000 - $156,000