Sr. IAM Engineer

About Providence

Providence, one of the US’s largest not-for-profit healthcare systems, is committed to high quality, compassionate healthcare for all. Driven by the belief that health is a human right and the vision, ‘Health for a better world’, Providence and its 121,000 caregivers strive to provide everyone access to affordable quality care and services.

Providence has a network of 51 hospitals, 1,000+ care clinics, senior services, supportive housing, and other health and educational services in the US.

Providence India is bringing to fruition the transformational shift of the healthcare ecosystem to Health 2.0. The India center will have focused efforts around healthcare technology and innovation, and play a vital role in driving digital transformation of health systems for improved patient outcomes and experiences, caregiver efficiency, and running the business of Providence at scale.


Why Us?

  • Best In-class Benefits
  • Inclusive Leadership
  • Reimagining Healthcare
  • Competitive Pay
  • Supportive Reporting Relationship

Senior IAM Engineer – Privileged Access Management (CyberArk)

Job Summary

We are seeking a highly skilled and experienced Lead IAM Engineer specializing in Privileged Access Management (PAM), CyberArk, Active Directory, and Microsoft Entra ID (Azure AD). This role will lead the architecture, engineering, implementation, and operational excellence of enterprise IAM and PAM solutions across hybrid and cloud environments.

The ideal candidate will possess deep expertise in CyberArk EPV/EPM platforms, enterprise identity governance, Zero Trust security architecture, privileged account lifecycle management, and automation. This position requires strong leadership, strategic thinking, and hands-on engineering capabilities to drive secure identity operations and privileged access controls across the organization.


Key Responsibilities

Privileged Access Management (CyberArk)

  • Architect, deploy, configure, and support CyberArk components including:
    • Vault
    • CPM
    • PSM
    • PVWA
    • CCP
    • REST API integrations
  • Lead enterprise onboarding of privileged accounts across:
    • Windows
    • Linux/Unix
    • Network devices
    • Citrix infrastructure
    • Databases
    • Applications
    • Cloud platforms
  • Design and implement CyberArk Endpoint Privilege Manager (EPM) solutions for:
    • Windows
    • macOS
  • Define and maintain:
    • Safes and access models
    • Credential rotation policies
    • Session monitoring and recording standards
  • Manage PAM lifecycle activities including:
    • Onboarding
    • Migrations
    • Upgrades
    • Performance tuning
    • Disaster recovery
  • Develop governance standards aligned with enterprise security requirements.

Active Directory & Identity Security

  • Design and manage complex multi-domain and multi-forest Active Directory environments.
  • Implement:
    • Tiered administrative models
    • Privileged admin separation
    • GPO hardening
    • LDAPS security configurations
  • Identify and remediate:
    • Dormant accounts
    • Stale privileged accounts
    • Orphaned service accounts
    • Excessive privileged group memberships
  • Integrate Active Directory with CyberArk for privileged credential management and session governance.

Azure AD / Microsoft Entra ID

  • Architect and implement secure hybrid identity solutions.
  • Design and maintain:
    • Conditional Access policies
    • RBAC models
    • Privileged Identity Management (PIM)
    • MFA enforcement
    • Break-glass account strategies
  • Secure cloud administrative access using privileged workstation and Zero Trust methodologies.
  • Integrate CyberArk with:
    • Azure subscriptions
    • Cloud workloads
    • Privileged cloud identities

Security Architecture & Governance

  • Develop IAM/PAM reference architectures and solution blueprints.
  • Lead Zero Trust and least-privilege initiatives aligned with:
    • NIST
    • ISO 27001
    • SOX
    • HIPAA
    • GDPR
  • Review, approve, and validate technical security designs and implementations.
  • Drive integrations with:
    • ServiceNow
    • SailPoint
    • Cloud platforms
    • DevOps pipelines
  • Ensure audit readiness and compliance across IAM/PAM controls.

Automation & Innovation

  • Develop automation solutions using:
    • PowerShell
    • REST APIs
    • CyberArk APIs/CLI
    • ServiceNow workflow automation
  • Eliminate manual operational tasks through orchestration and automation.
  • Enhance:
    • Compliance reporting
    • Monitoring
    • Alerting
    • Operational efficiency

Operational Leadership

  • Act as the escalation point for complex IAM/PAM incidents and technical issues.
  • Develop and maintain:
    • SOPs
    • Runbooks
    • Operational documentation
    • Knowledge articles
  • Mentor junior engineers and provide technical leadership across PAM/IAM initiatives.
  • Collaborate with:
    • Security teams
    • Cloud teams
    • Infrastructure teams
    • Application owners
    • Business stakeholders
    • External vendors

Required Qualifications

Mandatory Technical Skills

  • Expert-level experience with:
    • CyberArk EPV
    • CyberArk EPM
  • Advanced knowledge of:
    • Active Directory
    • Microsoft Entra ID (Azure AD)
  • Strong experience in:
    • PAM architecture
    • Identity governance
    • Privileged access controls
    • Zero Trust security models
  • Hands-on scripting and automation expertise using PowerShell and REST APIs.
  • Experience supporting enterprise-scale IAM/PAM environments.

Preferred Skills

  • ServiceNow IAM/PAM integrations
  • SailPoint IdentityIQ or IdentityNow
  • Azure/AWS/GCP IAM
  • Endpoint security platforms
  • DevOps and CI/CD security integration
  • Infrastructure-as-Code exposure

Education & Experience

  • B.Tech
  • 10+ years of IAM/PAM engineering experience
  • 5+ years of hands-on CyberArk engineering and architecture experience
  • Relevant certifications preferred:
    • CyberArk Defender/Sentry
    • Microsoft Certified: Identity and Access Administrator
    • CISSP
    • Azure Security Engineer

Providence’s vision to create ‘Health for a Better World’ helps us provide a fair and equitable workplace for all in our employment, whether temporary, part-time or full-time, promote individuality and diversity of thought and background, and acknowledge its role in the organization’s success. This makes us committed to equal employment opportunities, regardless of race, religion or belief, color, ancestry, disability, marital status, gender, sexual orientation, age, nationality, ethnic origin, pregnancy or related needs, mental or sensory disability, HIV status, or any other category protected by applicable law. In furtherance of our mission of building a more inclusive and equitable environment, we shall, from time to time, undertake programs to assist, uplift and empower underrepresented groups including but not limited to Women, PWD (Persons with Disabilities), LGBTQ+ (Lesbian, Gay, Bisexual, Transgender or Queer), Veterans and others. We strive to address all forms of discrimination or harassment and provide a safe and confidential process to report any misconduct.

Contact our Integrity hotline. Also, read our Code of Conduct.