Staff Identity Access Management Specialist- Eng

and operating scalable identity governance and privileged access solutions across our cloud and enterprise environments.

You will work closely with Security Engineering, Cloud Engineering, GRC, and application owners to ensure secure, compliant, and auditable access to systems and data-supporting UKG's regulatory obligations and zero-trust strategy.

About the Role:

• Design, implement, and operate Identity Governance (IGA) and Privileged Access Management (PAM) capabilities across enterprise and cloud environments

• Support FedRAMP and regulatory compliance initiatives by aligning IAM controls with NIST SP 800-53 requirements

• Develop, maintain, and review System Security Plans (SSPs) and supporting IAM documentation for audits and assessments

• Define and manage RBAC and ABAC models to enforce least-privilege access at scale

• Configure and manage access certification campaigns, including role reviews, entitlement reviews, and remediation workflows

• Partner with GRC, Security, and Audit teams to provide evidence, address findings, and continuously improve IAM controls

• Implement and support IAM integrations using SAML 2.0, OAuth 2.0, OpenID Connect (OIDC), LDAP, and MFA

• Operate IAM solutions in GCP, supporting secure access to cloud resources and workloads

• Automate IAM processes using infrastructure-as-code, APIs, and scripting to improve reliability and efficiency

• Participate in incident response and operational support related to access provisioning, de-provisioning, and privileged access

About You:

Basic Qualifications:

• 4+ years of experience in Identity and Access Management or cybersecurity

• Strong knowledge of NIST SP 800-53 security controls and their application to IAM

• This position may perform work with the US government therefore:

  • Ideal candidate should be a US Citizen
  • Existing or previous Government Security Clearance preferred, or ability to obtain appropriate security clearance is required

• Proven experience documenting and maintaining System Security Plans (SSPs)

• Experience designing and implementing RBAC and ABAC access models

• Experience with SailPoint or Saviynt (administration, configuration, or implementation)

• Experience configuring and operating Access Certification Campaigns

• Hands-on experience with Google Cloud Platform (GCP) or another major cloud provider (AWS/Azure)

• Strong understanding of SAML 2.0, OAuth 2.0, OpenID Connect (OIDC), LDAP, and Multi-Factor Authentication (MFA)

Preferred Qualifications:

• Experience working with ServiceNow for access requests, workflows, or integrations

• Hands-on experience supporting FedRAMP-regulated environments

• Hands-on experience with Identity Governance (IGA) and Privileged Access Management (PAM) solutions

• Experience using Terraform for IAM or cloud infrastructure automation

• Familiarity with GitHub for version control and collaboration

• Proficiency in at least one scripting language such as Python or PowerShell

• Experience integrating or operating IAM solutions using REST APIs

We are unable to provide sponsorship for this role now or in the future (including H1B, OPT, ect)

Company Overview:

UKG is the Workforce Operating Platform that puts workforce understanding to work. With the world's largest collection of workforce insights, and people-first AI, our ability to reveal unseen ways to build trust, amplify productivity, and empower talent, is unmatched. It's this expertise that equips our customers with the intelligence to solve any challenge in any industry - because great organizations know their workforce is their competitive edge. Learn more at ukg.com.

Equal Opportunity Employer

UKG is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, disability, religion, sex, age, national origin, veteran status, genetic information, and other legally protected categories.

View The EEO Know Your Rights poster

UKG participates in E-Verify. View the E-Verify posters here.

It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

Disability Accommodation in the Application and Interview Process

For individuals with disabilities that need additional assistance at any point in the application and interview process, please email [email protected].

The pay range for this position is $115,100.00 to $165,450.00. The actual base pay offered may vary depending on skills, experience, job-related knowledge and work location. In addition to base pay, employees may be eligible to participate in a performance-based bonus plan and to receive restricted stock unit awards as part of total compensation. Learn more about UKG's benefits and rewards at https://https://www.ukg.com/about-us/careers/benefits