Overview
Stefanini Group is seeking a Senior IAM/ IGA Engineer with strong hands-on experience implementing and supporting Saviynt-based identity governance solutions in enterprise environments.
Core Responsibilities
* Implement and support Saviynt IGA capabilities (JML, access requests, approvals, certifications, provisioning).
* Build and maintain integrations with on-prem, cloud, and SaaS applications.
* Configure and troubleshoot Saviynt connectors, rules, and workflows.
* Implement authentication and provisioning integrations using SAML, OIDC, OAuth2, SCIM, and LDAP.
* Automate IAM processes using PowerShell, Python, and REST APIs.
* Partner with security, infrastructure, and application teams to deliver solutions.
Architecture & Design
* Design enterprise-grade IGA architectures and target-state roadmaps.
* Define identity data models, authoritative sources, and attribute mastering strategies.
* Establish role-based and attribute-based access control (RBAC / ABAC) frameworks.
* Lead IGA platform upgrades, migrations, and major enhancements.
* Create architectural diagrams, integration patterns, and technical standards.
Security & Compliance
* Implement controls aligned with: ISO 27001, SOC 2, SOX, GDPR, and HIPAA (where applicable).
* Support internal and external audits by providing evidence and remediation plans.
* Apply least privilege and zero trust principles.
Leadership & Collaboration
* Act as technical lead for Saviynt and IGA initiatives.
* Mentor junior engineers and administrators.
* Partner with: Security and Infrastructure teams, Application owners, HR and Compliance.
* Translate business requirements into scalable technical solutions.
Job RequirementsRequired Experience
* 8+ years of experience in Identity & Access Management (IAM) and Identity Governance & Administration (IGA) roles.
* 5+ years of hands-on Saviynt implementation and administration experience in large-scale enterprise environments.
* Proven experience leading end-to-end IGA architecture, design, implementation, and optimization initiatives.
* Experience working in Agile / DevOps environments.
* Application Integration & Provisioning. Extensive experience in integrating applications with Saviynt, including:
* Connected applications using out-of-the-box and custom Saviynt connectors: Active Directory, Azure AD / Entra ID, LDAP, Databases, Major SaaS platforms (e.g., ServiceNow, Workday, Salesforce, O365, Google Workspace).
* Disconnected and semi-connected applications using: manual provisioning workflows, file-based integrations, certification-only governance models.
* Leading application onboarding across:on-premises environments, hybrid infrastructures and Cloud and SaaS ecosystems.
* Authentication & Provisioning Protocols:
o Strong working and architectural knowledge of:
o SAML 2.0
o OAuth 2.0/ OpenID Connect (OIDC)
o SCIM 1.1/ 2.0
o LDAP/ LDAPS
o RESTful APIs
o Kerberos/ NTLM (where applicable).
* Ability to design identity flows using these protocols and troubleshoot complex authentication and provisioning failures.
* Automation & Engineering:
o Experience scripting and automating using: PowerShell, Python and REST APIs.
o Build reusable automation frameworks for: bulk onboarding, remediation, certification campaigns and Data cleanup.
Required Skills
* Excellent troubleshooting and root-cause analysis skills.
* Strong documentation and technical writing abilities.
* Ability to balance security, usability, and operational efficiency.
* Excellent written and verbal communication skills in English.
* A customer-oriented attitude and strong communication & presentation skills are a requirement.
* Exhibit good interpersonal skills and ability to communicate confidently & concisely with audiences at all levels, manage expectations and explain technical details.
* Analytical mind with evaluative and problem-solving abilities, able to define technical solutions aligned with client\'s business problems at an architectural and design level of detail.
* Able to effectively undertake challenges and have experience in leading a project and teams in a complex environment.
* Ability to manage multiple priorities and meet deadlines.
* High degree of initiative, dependability and ability to work with little supervision.
* Highly adaptable professional, able to work well with others in diverse and evolving work environments.
Nice to have
* Saviynt certifications.
* Experience with additional IGA platforms (SailPoint, Okta IGA, One Identity, Entra ID Governance).
* Cloud certifications (Azure, AWS, GCP).
What\'s next
It\'s best to apply today, because job postings can be taken down and we wouldn\'t want you to miss this opportunity. In case you need further information, just send us a message at recruitmentEMEA@stefanini.com and we\'ll be happy to assist!
The preceding job description had been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties and responsibilities required of employees assigned to this job.
Diversity & Inclusion
Here at the Stefanini Group, we value plurality and equity, regardless of race, sexual orientation, disability, age, ancestry, religion, gender, and nationality. We understand and encourage the importance of being you!
About Us
We are the Stefanini group, a global tech consulting company of Brazilian origin that believes in the power of people to transform businesses through technology. We are present in over 40 countries and operate with the purpose of co-creating solutions TOGETHER WITH OUR CLIENTS that accelerate results and improve the experience of people and organizations. Here, we like to say that technology is not the end, but the means: what really matters are the people who drive it all. Our mindset is AI First, meaning we invest in cutting-edge technology in everything we do, focusing on results for our clients. We are a company, A GROUP, that breathes collaboration and offers a dynamic environment where you will learn by doing, grow alongside the team, and have space to contribute with ideas and projects. More than just talking about digital transformation, we believe in real transformation that starts with people and impacts real businesses. If you are looking for a place to develop, innovate, and be part of something bigger, the Stefanini Group is your place.
We want to inform you that there are currently scams targeting job seekers by falsely using our company\'s name, Stefanini. We sincerely apologize for any confusion or inconvenience this may have caused. Please remember that legitimate job offers from Stefanini will always come through official channels, including direct communication with our trained recruiters. If you receive any unsolicited messages requesting payment or personal information, please disregard them. If you suspect you\'ve been targeted, please contact us immediately at RecruitmentEMEA@stefanini.com for verification.
Key Points to Remember:
* Legitimate job offers only follow interviews conducted with our hiring managers or clients.
* We will never ask for payment at any stage of the recruitment process.
Stay vigilant and feel free to reach out for verification. Your safety and security are our top priorities. Thank you for your understanding and cooperation.
#J-18808-Ljbffr