IAM Governance & Automation Engineer

Bangalore-Karnataka-IndiaFull-timePosted Jul 2, 2026
Open original posting

Sr. Engineer - Identity Administration, Governance & Automation

Role Summary

The Sr. Engineer - Identity Administration, Governance & Automation will design, operate, and continuously improve enterprise Identity and Access Management capabilities across identity lifecycle, governance, federation, single sign-on, privileged access, and automation. This role will partner with HR, application, infrastructure, security, audit, and business teams to deliver secure, scalable, and well-documented IAM services.

What We Look For

  • 5+ years of experience implementing, operating, and improving enterprise IAM, IGA, SSO, and PAM solutions in large or complex environments.

  • Strong ability to design, build, operate, and automate security solutions and processes that protect the integrity of enterprise networks, systems, applications, and data.

  • Experience developing technical strategies, architectures, roadmaps, standards, and operational runbooks for IAM services.

  • Outstanding communication and presentation skills, with the ability to explain complex technical concepts to non-technical and leadership audiences.

  • Ability to respond to access-related incidents, authentication or authorization failures, audit findings, and control gaps through structured troubleshooting and cross-team coordination.

Key Responsibilities

  • Own and improve Joiner, Mover, Leaver lifecycle management processes, including user provisioning, transfers, terminations, birthright access, and exception handling.

  • Design and maintain workflow automation between IAM platforms, HR systems, directories, and business applications to reduce manual effort and improve control effectiveness.

  • Support identity governance processes including access certifications, Segregation of Duties (SoD), audit evidence collection, remediation tracking, and control reporting.

  • Design, operate, and enhance SSO and MFA capabilities using standards such as SAML, OAuth, and OpenID Connect (OIDC).

  • Troubleshoot authentication, authorization, directory synchronization, access provisioning, and entitlement issues across enterprise platforms.

  • Maintain high-quality documentation for governance policies, workflows, operational procedures, design decisions, and exception processes.

  • Partner with application owners, HR, audit, compliance, infrastructure, and security teams to onboard applications and align IAM controls with business and regulatory requirements.

Required Skills

Identity Administration

Experience in lifecycle management including Joiner, Mover, and Leaver processes; workflow automation; and integration of IAM platforms with HR systems and business applications.

Identity Governance

Strong understanding of Segregation of Duties (SoD), access certifications, audit processes, and remediation activities; ability to align governance practices with industry regulations and internal control expectations.

Single Sign-On (SSO)

Hands-on experience designing and managing SSO solutions; familiarity with authentication protocols including SAML, OAuth, and OpenID Connect (OIDC); knowledge of MFA implementation and adoption.

Technical Expertise

Hands-on experience with Active Directory, Microsoft Entra, and LDAP; experience with IGA vendors such as SailPoint, SoftwareIDM, and Saviynt; knowledge of IAM tools such as BeyondTrust, Okta, and Azure AD; openness to learning new tools and technologies.

Automation & Operations

Proficiency in scripting or programming languages such as PowerShell, Python, SQL, and Java; ability to automate IAM processes, troubleshoot authentication and authorization issues, and maintain documentation for governance policies and workflows.

Preferred Qualifications

  • Experience with IDaaS and IAM products such as Microsoft Entra, Okta, Ping Identity, Google Cloud Identity, SailPoint, Saviynt, SoftwareIDM, Omada, Microsoft Identity Manager, BeyondTrust, CyberArk, or equivalent solutions.

  • Experience with Microsoft 365, Active Directory, LDAP, SAML, OAuth, OIDC, MFA, APIs, and directory synchronization patterns.

  • Experience with cloud identity and access controls across Azure, AWS, or GCP.

  • Familiarity with Zero Trust architecture and access control models.

  • Familiarity with ServiceNow ticketing, CMDB, and operational request workflows.

  • Understanding of security and compliance frameworks such as NIST, PCI, GDPR, HIPAA-HITECH, or HITRUST.

  • Development or scripting experience with Python, Java, C#, .NET, PowerShell, Shell scripting, SQL, Web Services, SOAP/REST APIs, or RESTful integrations.

Certifications

  • CISSP, CISM, CISA, SANS, GIAC, CIMP, CEH, or equivalent security certification is a plus.

  • Okta Professional or Consultant certification is a plus.

  • Google, AWS, or Microsoft professional cloud architect certification is a plus.

Equal Employment Opportunity

Johnson Controls International plc. is an equal employment opportunity and affirmative action employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, genetic information, status as a qualified individual with a disability, or any other characteristic protected by law. If you are an individual with a disability and require accommodation during the application process, please visit johnsoncontrols.com/careers.

Want jobs like this matched to you?

Swoopd scores fresh postings against your résumé so you only see the matches that matter.

Get started free