IAM Engineer

*We offer a flexible working policy that supports a healthy balance between personal and professional wellbeing. This role requires in\-office presence on Tuesdays \& Thursdays to collaborate, connect, and learn from peers \- while also maintaining the flexibility for meaningful work\-life balance.*

Being an IAM Engineer at iManage Means…

You are iManage’s identity authority. You own the infrastructure that governs how every employee and service authenticates and accesses systems across a global, Microsoft\-centric environment. Your core focus is Entra ID, SSO integrations for SaaS applications, and IAM automation \- with secondary coverage for network infrastructure to support a distributed Infrastructure team. This is an individual contributor role based in London, working closely with colleagues in Belfast, Chicago, and Bangalore.

iM Responsible For…

• Owning IAM infrastructure across the iManage environment: identity federation, SSO, directory services, and PAM via CyberArk.


• Designing and maintaining SSO integrations for SaaS applications using SAML 2\.0, OAuth 2\.0, OIDC, and SCIM.


• Administering Entra ID as the primary identity provider: user lifecycle, group management, app registrations, and conditional access.


• Configuring and maintaining Entra ID PIM, Identity Protection, entitlement management, and access reviews.


• Automating user lifecycle management (provisioning, deprovisioning, access reviews) via PowerShell, Graph API, and Entra ID Governance.


• Enforcing zero\-trust principles, least\-privilege access, and RBAC policies across the environment.


• Monitoring sign\-in activity, risky users, and identity alerts; remediating in line with internal SLAs.


• Managing MFA policies including Conditional Access controls, authentication methods, and exception handling.


• Governing service account lifecycle: creation standards, CyberArk vaulting, credential rotation, and decommissioning.


• Maintaining documentation for IAM configurations, access policies, runbooks, and SOPs.


• Leading IAM incident response, performing root cause analysis, and implementing preventive controls.


• Owning stale account detection and remediation, drawing on Dayforce and Active Directory lifecycle signals.


• Supporting JML automation in partnership with Dayforce to ensure timely access changes across the employee lifecycle.


• Managing break\-glass accounts including regular review, audit logging, and alerting.


• Providing on\-call coverage for identity incidents and participating in scheduled IAM maintenance windows.

iM Qualified Because I Have…

• 5\+ years of experience in infrastructure or systems engineering with a primary focus on identity and access management.


• Deep hands\-on expertise with Microsoft Entra ID including conditional access, PIM, Identity Protection, entitlement management, and access reviews.


• Demonstrated experience designing and maintaining SSO integrations for SaaS applications using SAML 2\.0, OAuth 2\.0, OIDC, and SCIM.


• Strong scripting capability for IAM automation using PowerShell and Microsoft Graph API; Python or Bash a plus.


• Working knowledge of PAM concepts and tooling; experience with CyberArk preferred.


• Familiarity with Microsoft 365 E5 security tooling: Microsoft Defender for Identity, Microsoft Sentinel, and Purview.


• Foundational networking knowledge (TCP/IP, DNS, DHCP, VPN, firewall basics) sufficient to provide secondary coverage; Palo Alto familiarity a plus.


• Strong communication skills with the ability to convey technical detail clearly to both engineering peers and non\-technical stakeholders.

Don’t meet every qualification listed above? Studies show that women and people of color are less likely to apply to jobs unless they meet all qualifications. At iManage, we are committed to building a diverse and inclusive environment, and encourage everyone to show up as their full authentic selves. We welcome those that come with a growth mindset and a hunger for learning; so, if you are excited about this role but your past experience doesn’t align perfectly with every qualification we encourage you to apply anyways!

iM Getting To…

• Join a rapidly evolving, industry\-leading SaaS company on an exciting journey of growth and scalability!


• Take on meaningful, high\-impact challenges by leveraging cutting\-edge technologies and best\-in\-class protocols to drive innovation.


• Own my career path with our internal development framework. Ask us more about this!


• Expand my skill set and earn certifications with unlimited access to LinkedIn Learning courses and interactive Microsoft courses \& training.


• Be part of a supportive and experienced team within a dynamic, inclusive, and encouraging culture.


• Enjoy flexible work hours that empower me to balance personal time with professional commitments.


• Collaborate in a modern, open\-plan workspace with a team that spans London, Belfast, Chicago, and Bangalore.

iManage Is Supporting Me By...

• Creating an inclusive environment where you’re encouraged to help shape the culture by bringing your unique perspective, not just by fitting in.


• Providing a market leading salary determined through a fair and consistent process, equitable for all our employees, and regularly reviewed against industry benchmarks.


• Rewarding me with an annual performance\-based bonus.


• Providing enhanced parental leave (20 weeks for primary and 10 weeks for secondary caregiver at 100% pay)


• Matching my pension contribution (up to 6%)


• Offering BUPA private medical insurance \& a Simplyhealth cash plan to assist with the everyday costs.


• Providing Group life cover, including life insurance, income protection, and critical illness protection.


• Encouraging me to make use of our top\-tier flexible time off policy, which includes 25 days of annual leave and the flexibility to take further additional time off as needed


• Having multiple company wellness days each year to prioritize mental health and well\-being.


• Providing access to RethinkCare, a global behavioral health platform that enhances personal well\-being, strengthens professional resilience, and empowers parental success through expert\-led training and resources.

iManage is committed to providing an excellent candidate experience and will never ask you to engage in recruitment activity via text and exclusively communicates from emails using the @imanage.com domain. If you have any concerns or questions about communications you have received, please send them to careers@imanage.com so our team members can review.

About iManage…

At iManage, we are dedicated to Making Knowledge Work™. Our intelligent, cloud\-enabled, and secure platform is trusted by 4,100\+ customers and 430,000 users worldwide, managing over 11 billion documents and 11 petabytes of data. We empower professionals across 65\+ countries to unlock the full potential of their business content and communications.

We are continuously innovating to solve the most complex professional challenges and enable better business outcomes; Our work is not always easy but it is ambitious and rewarding.

So we’re looking for people who embrace challenges. People who thrive on solving problems, pushing boundaries, and collaborating with the industry’s best and brightest. That’s the iManage way. It’s how we turn the impossible into reality, empower our employees to grow, unlock their potential, and create a meaningful impact on everything we do.

*Whoever you are, whatever you do, however you work. Make it mean something at iManage.*

iManage provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Learn more at: www.imanage.com

Please see our recruitment privacy statement for more information on how we handle your personal data.

\#LI\-SR1

\#LI\-Hybrid

ADYmPaolh8

This listing is from indeed. View original listing ↗