Infrastructure IAM Engineer

About the job

The world’s most critical--and at-risk--business applications have been neglected for far too long. Onapsis eliminates this blind spot by providing cybersecurity solutions dedicated to business-critical applications. Whether running on-premises, in the cloud, or in a hybrid environment, Onapsis helps nearly 30% of the Forbes Global 100 understand the threats and risks across their SAP and Oracle landscapes. 

What you will be doing, your legacy: 

Key activities and responsibilities:

Authentication Management

• Design, implement, and maintain secure authentication mechanisms, including Single Sign-On (SSO), SAML-based integrations, and Multi-Factor Authentication (2FA/MFA).
• Troubleshoot and optimize authentication flows to ensure a seamless and secure user experience.

Authorization and Access Control

• Develop and manage Access Control Models (e.g., RBAC), ensuring proper assignment of roles, permissions, and entitlements in line with the principle of least privilege.
• Review and refine access policies across systems and applications to reduce excessive or outdated privileges.

Directory Services Administration

• Maintain and support enterprise directory services, including on-premises and cloud-based identity services.
• Ensure proper synchronization, group management, and schema alignment across hybrid environments.
• Monitor and resolve issues related to directory replication, authentication failures, and policy enforcement.

User Lifecycle and Access Governance

• Oversee user provisioning, deprovisioning, and access modifications across internal systems and third-party platforms.
• Coordinate and execute periodic access reviews, audits, and certification processes to ensure compliance with internal policies and external regulations.

Requirements:

• 3+ years of experience in Identity and Access Management (IAM) across on-premises and cloud environments.
• Solid understanding of authentication protocols and standards, including SAML, OAuth, SCIM, LDAP and RADIUS.
• Hands-on experience with
• SSO & Federation tools (e.g., JumpCloud, Google, Okta)
• Multi-Factor Authentication solutions (e.g., Google/Microsoft Authenticator)
• Directory services (e.g., Active Directory, LDAP, AWS IAM, Azure AD)
• Practical knowledge of RBAC/ABAC and least privilege access principles.
• Experience managing user provisioning, deprovisioning, and access review processes.
• Familiarity with scripting tools (e.g., PowerShell, Python, etc) for IAM-related tasks.
• Strong documentation skills and experience supporting audit and compliance efforts.
• Effective communicator with a strong team-oriented mindset
• Spoken and written English level.

Desired skills or interests in:

• Practical experience working in an agile environment, with the ability to adapt to dynamic priorities and deliver results in fast-paced settings.
• Knowledge of information security standards such as ISO 27001, NIST 800-53, and CIS Critical Security Controls, with a strong understanding of related principles for risk identification and security analysis.
• Experience with identifying and resolving network-related issues.
• Relevant certifications in security, networking, and cloud environments.

What we offer: 

• A role in shaping the future of protecting the most critical applications that run the world's business and a career that grows as the company grows.
• A unique culture of high achievement and teamwork.
• Supportive and humble colleagues are the space's top problem solvers and innovators.
• Financial security through competitive compensation and incentives.

Employment: Onapsis hires full-time employees in Argentina.

Location: remote in Argentina.

About Onapsis:

Onapsis protects the business applications that run the global economy. The Onapsis Platform delivers vulnerability management, change assurance, and continuous compliance for business applications from leading vendors such as SAP, Oracle, and others. The Onapsis Platform is powered by the Onapsis Research Labs, the team responsible for the discovery and mitigation of more than 1,000 zero-day vulnerabilities in business applications.

Onapsis is headquartered in Boston, MA, with offices in Heidelberg, Germany and Buenos Aires, Argentina, and proudly serves hundreds of the world’s leading brands, including close to 30% of the Forbes Global 100, six of the top 10 automotive companies, five of the top 10 chemical companies, four of the top 10 technology companies, and three of the top 10 oil and gas companies.

For more information, connect with Onapsis on LinkedIn or visit https://www.onapsis.com.

#LI-AC1

#Remote