Senior IAM Engineer

Join to apply for the Senior IAM Engineer role at Security Benefit
.

Security Benefit is a leader in the U.S. retirement market with more than $55 billion in assets under management. We offer opportunities to thrive, innovate, and make an impact. As part of our team, you’ll play a key role in driving the future of the U.S. retirement industry. Security Benefit is a PLACE where we promise to help our customers To and Through Retirement®.

We’re proud to have been recognized as one of the best in the business:

• Named to Ward’s 50 list of top-performing life-health insurance companies
• Recognized on list of Ingram’s Top 100 Private Companies in the Kansas City area in 2024

The Senior IAM Engineer will lead the design, implementation, and optimization of Cyber Ark Privileged Access Management (PAM) solutions, serving as the primary subject matter expert for Cyber Ark across the organization. This role requires advanced technical skills in Cyber Ark architecture, deployment, and operations, as well as a strong understanding of identity governance, access management, and security best practices.

The Senior IAM Engineer position reports to the Manager, Identity and Security Operations and can be based out of our home office in Topeka, Kansas, our Overland Park, Kansas office or remotely for the right candidate. We work a hybrid schedule, offering flexibility to work both remotely and on-site.

The ideal candidate will architect end-to-end privileged access solutions, collaborate with cross-functional teams, and ensure the success of Cyber Ark deployments, while supporting integrations with SailPoint and other IAM platforms.

Design, architect, and deploy enterprise-grade Cyber Ark Privileged Access Management (PAM) solutions that align with organizational security and compliance objectives.

Lead the technical design and implementation of broader Identity and Access Management (IAM) solutions across the enterprise, ensuring scalability, automation, and alignment with business and security requirements.

Develop and maintain automation scripts (e.g., Power Shell, Python, REST APIs) to enhance provisioning, access control, and system monitoring processes.

Implement secure configurations, patch management, and least privilege models across Cyber Ark components and integrated systems. Perform security baseline and hardening in line with industry (NIST, CIS) benchmarks.

Collaborate with Security Operations to monitor privileged accounts for anomalies or abuse, participate in incident investigations, and contribute to response for security events.

Lead integrations between Cyber Ark and enterprise identity, authentication solutions (e.g., Azure AD/Entra , Okta, AWS IAM).

Ensure PAM and IAM controls meet regulatory and audit requirements (NIST, SOX, NYDFS). Maintain thorough documentation and evidence for audits.

Work closely with infrastructure, application, and audit teams to translate privileged access requirements into secure, scalable designs.

Provide technical mentorship, promote security best practices, and contribute to the evolution of enterprise IAM standards and security posture.

• Cyber Ark Privilege Cloud & ISPSS Expertise: 8+ years proven experience implementing, configuring, and managing Cyber Ark Privilege Cloud and Identity Security Platform Shared Services (ISPSS) in enterprise environments. Deep understanding of secure design, onboarding, policy configuration, and lifecycle management in cloud-native deployments.
• Architecture & Design:
  Strong background in designing scalable and secure Cyber Ark Privilege Cloud architectures that integrate with hybrid identity environments (on-prem, AWS, Azure).
• Identity & Access Management:
  Broad understanding of IAM principles including authentication, authorization, SSO, MFA, and directory…