
Staff Identity Access Management Specialist - Engineering
3w3 weeks agoUKG
Sunrise, US · Full-time · $115,100 – $165,450
About this role
UKG is seeking an experienced Staff level Identity and Access Management (IAM) Specialist to join our Enterprise IAM team within Global Security. This role is critical to strengthening UKG’s security posture by designing, implementing, and operating scalable identity governance and privileged access solutions across our cloud and enterprise environments.
You will work closely with Security Engineering, Cloud Engineering, GRC, and application owners to ensure secure, compliant, and auditable access to systems and data. Your day-to-day involves configuring access certification campaigns, automating IAM processes using infrastructure-as-code and APIs, and supporting incident response for access provisioning and de-provisioning.
At UKG, the work you do matters—the code you ship, the decisions you make, and the care you show a customer all add up to real impact. You’ll join a team that never stops learning or challenging the norm, pushing for better while celebrating wins along the way.
Here, you’ll get flexibility that’s real, benefits you can count on, and a team that succeeds together. This role offers the opportunity to shape UKG’s zero-trust strategy and support FedRAMP and regulatory compliance initiatives, making a tangible difference for tens of millions of workers who start and end their days with our platform.
Requirements
- 4+ years of experience in Identity and Access Management or cybersecurity
- Strong knowledge of NIST SP 800‑53 security controls and their application to IAM
- Proven experience documenting and maintaining System Security Plans (SSPs)
- Experience designing and implementing RBAC and ABAC access models
- Experience with SailPoint or Saviynt (administration, configuration, or implementation)
- Experience configuring and operating Access Certification Campaigns
- Hands‑on experience with Google Cloud Platform (GCP) or another major cloud provider (AWS/Azure)
- Strong understanding of SAML 2.0, OAuth 2.0, OpenID Connect (OIDC), LDAP, and Multi‑Factor Authentication (MFA)
Responsibilities
- Design, implement, and operate Identity Governance (IGA) and Privileged Access Management (PAM) capabilities across enterprise and cloud environments
- Support FedRAMP and regulatory compliance initiatives by aligning IAM controls with NIST SP 800‑53 requirements
- Develop, maintain, and review System Security Plans (SSPs) and supporting IAM documentation for audits and assessments
- Define and manage RBAC and ABAC models to enforce least‑privilege access at scale
- Configure and manage access certification campaigns, including role reviews, entitlement reviews, and remediation workflows
- Implement and support IAM integrations using SAML 2.0, OAuth 2.0, OpenID Connect (OIDC), LDAP, and MFA
- Operate IAM solutions in GCP, supporting secure access to cloud resources and workloads
- Automate IAM processes using infrastructure‑as‑code, APIs, and scripting to improve reliability and efficiency
Benefits
- Flexibility that’s real—remote and hybrid work options
- Benefits you can count on
- A team that succeeds together
- Opportunity to shape UKG’s zero-trust strategy and support FedRAMP compliance
Similar roles

Tech Lead Python GenAI Developer - Remote
3w3 weeks agoMadiff
Remote · Full-time · $200,000 – $260,000

People Technology Lead
3w3 weeks agoRecursion
Salt Lake City, US · Full-time · $153,300 – $192,500

Senior Civil Engineer - Remote
3w3 weeks agoAPTIM
Baton Rouge, US · Full-time · $135,000 – $180,000

Senior BIM Coordinator - Remote
3w3 weeks agoRider Levett Bucknall
Remote · Full-time · £45,000 – £60,000