Cybersecurity IAM Engineer

About the role

We are looking for a Cybersecurity IAM Engineer to design, implement, and optimize identity and access management solutions across our global infrastructure. The role focuses on securing user and system identities using Okta, Azure AD, Active Directory, and AWS IAM while enforcing Zero Trust and least‑privilege principles. You will work in a hybrid environment based in Monterrey.

Key responsibilities

• Design, implement, and maintain IAM solutions across Okta, Azure AD, Active Directory, and AWS IAM.
• Integrate and manage SSO and MFA for cloud and on‑prem applications using SAML, OAuth, WS‑Federation, and SCIM.
• Automate identity workflows, group assignments, access revocations, and certification campaigns with PowerShell, Python, or Okta Workflows.
• Enforce access controls aligned with Zero Trust, RBAC, and JML lifecycle policies.
• Harden IAM configurations in hybrid environments, including password policies, conditional access, and privileged account handling.
• Participate in evaluating and integrating new IAM technologies and security enhancements.
• Collaborate with IT, cloud, HRIS, and security engineering teams to embed identity governance.
• Support privileged access management, identity federation design, and directory service integrations.
• Assist audit and compliance efforts by maintaining evidence and improving access visibility.

Required profile

• Strong communication and interpersonal skills in English.
• Self‑directed, organized, and able to manage multiple priorities.
• Proven ability to work collaboratively and influence technical decisions.
• Hands‑on experience with Okta, Azure AD, Active Directory, and AWS IAM.
• Knowledge of authentication standards such as SAML, OAuth, OIDC, and WS‑Federation.
• Proficiency in scripting or automation (PowerShell, Python, Bash).
• Experience with identity lifecycle automation, group policy management, and access governance tooling.
• Familiarity with IAM components of frameworks like NIST CSF, ISO 27001, and CIS Controls.

Required skills

• Okta
• Azure AD
• Active Directory
• AWS IAM
• SAML
• OAuth
• OIDC
• WS‑Federation
• PowerShell
• Python
• Bash
• SCIM
• MFA
• Conditional Access
• Privileged Access Management (PAM)