WHAT DOES AN IDENTITY AND ACCESS MANAGEMENT ENGINEER DO?

Published: Aug 7, 2025 - The Identity and Access Management Engineer is responsible for engineering and operational support of Azure Active Directory and other IAM-related solutions to safeguard Deloitte and client data. This role involves collaborating with technical teams and stakeholders to develop scalable identity services that align with organizational needs and quality standards. The engineer also plays a vital role in fostering a culture of growth, mentorship, and innovation through continuous support, coaching, and impactful service delivery.

A Review of Professional Skills and Functions for Identity and Access Management Engineer

1. Identity and Access Management Engineer Responsibilities

  • Technical Troubleshooting: Troubleshoot and develop technical solutions related to software and setup errors.
  • Issue Resolution: Resolve cases raised by effective troubleshooting, creating workaround procedures when standard procedures have failed.
  • Time Management: Ensure issues are resolved in a timely fashion.
  • Problem Escalation: Escalate urgent problems requiring more in-depth knowledge to appropriate internal resources.
  • Product Support: Provides technical support for Ivanti UEM/UWM related products through onboarding applications for auto-provisioning, troubleshooting and diagnosis.
  • Incident Management: Log, capture, and troubleshoot customer incidents.
  • Case Handling: Progress customer technical support cases.
  • Customer Communication: Ensure customer communication is timely, maintained and appropriate.
  • Advanced Troubleshooting: Resolve cases raised by effective troubleshooting, research and testing, or for more complex issues, work directly with back-line and development teams.
  • Process Participation: Participate in focus activities, such as backlog reduction.

2. Identity and Access Management Engineer Accountabilities

  • Issue Management: Solve and manage the resolution of issues related to identities, systems, access, accounts, authentication, authorization, entitlements, and permissions.
  • Incident Resolution: Fix, support and resolve IAM system incidents, problems, and changes, as the need arises.
  • ITIL Support: Provide ITIL-based operational support and act as a technical resource for the Active Directory infrastructure, including incident, change, and problem management.
  • Cloud Infrastructure Support: Provide support from an IAM perspective on-premise infrastructure and cloud-based services, including Domain Controllers, SaaS applications, OKTA, and O365.
  • Metric Reporting: Extract and present key metric reporting and analysis for the Identity Management environment.
  • Audit Compliance: Work to ensure audit tasks related to Identity Management are completed, with the participation of appropriate partners and in line with Information Security standards.
  • Best Practices Enforcement: Ensure that the IAM system follows industry best practices for appropriate standards, processes, procedures, tools, and documentation.
  • System Maintenance: Ensure the maintenance, patching, operation, and monitoring of IAM systems are in place and aligned with the Lifecycle management policy.
  • On-call Support: Participate in on-call rotation, and as such, work out of standard business hours.

3. Global Identity and Access Management Engineer Overview

  • IAM Delivery: Deliver a comprehensive set of identity and access management capabilities and services that protect Deloitte and client data.
  • Service Visioning: Refine and expand upon the established vision for supporting high-quality service delivery to member firms.
  • Identity Development: Develop identity services, working with both customers and technical teams.
  • Service Quality: Ensure the service meets the customer's needs in the most effective and high-quality manner possible.
  • Team Reporting: Report to the Global Identity and Access Management Manager.
  • Azure Engineering: Responsible for the engineering and operational support of Azure Active Directory and other Identity and Access Management-related solutions.
  • People Leadership: Responsible for inspiring people at every level.
  • Career Development: Invest, help at every step of the career, and help identify and hone unique strengths.
  • Talent Growth: Encourage growth by providing formal and informal development programs, coaching, and mentoring.
  • Innovative Mindset: Want to ask questions, take chances, and explore the possible.
  • Employee Recognition: Provide benefits, competitive compensation, and recognition.
  • Purposeful Impact: Help sustain efforts in making an impact that matters.

4. Senior Identity and Access Management Engineer Job Description

  • Identity Automation: Drive forward the automation, management and compliance of Identities throughout the Enterprise by working closely with all teams in IT and business units.
  • Process Optimization: Understand and challenge old processes, bringing efficiency to the organization.
  • Identity Awareness: See Identity as more than just a userid and password to manage - users’ identities enable an efficient and capable workplace.
  • Cloud Security Design: Responsible for contributing to designs, service development, service integration, implementation and operations related to Cloud identity security, Identity and Access Management (IAM), Single Sign-on (SSO) and Privileged Access Management (PAM).
  • Solution Configuration: Build, configure and maintain the Cloud identity security, IAM, SSO and PAM solutions (Ping Federate/Ping ID/Ping SSO, Sailpoint IdentityIQ, CyberArk, Microsoft Active Directory (AD), Microsoft Azure/Azure AD/Azure AD Connect, Amazon Web Services (AWS), Google, Directory Services Administration Tools and Service Interfaces).
  • Toolset Deployment: Build, configure and deploy IAM, SSO and PAM toolsets according to design and business requirements with internal and external partners.
  • System Governance: Manage the implementation, administration, governance, compliance, and maintenance of IAM, SSO and PAM systems and processes.
  • Outage Response: Perform outage response activity and report service restoration status.
  • Access Monitoring: Design and coordinate the monitoring and alerting process for key access and authentication controls.
  • Audit Participation: Participate in audits and compliance assessment activities.

5. Identity and Access Management Engineer Roles

  • IAM Operations: Provide solutions and operations for Identity and Access Management services for on-premises and cloud environments.
  • IAM Architecture: Architect and design IAM technology such as access management, directory services, federation (SAML, OAuth, OpenID Connect), Multi-factor Authentication (MFA), Single Sign On (SSO), Active Directory, API gateway access control, identity governance and administration.
  • PAM Compliance: Ensure that PAM solutions and services perform according to defined processes, meet defined policies and comply with information security requirements.
  • Privileged Oversight: Responsible for the oversight and successful implementation of a mechanism protecting privileged accounts across the organization, including areas such as Password Vaulting, Session Login, Session Recording and Break Glass solutions.
  • Cloud Strategy Support: Support the development of security strategies and architecture vision as it relates to the GBT’s cloud initiatives, specifically setting the direction for IAM as it relates to cloud.
  • Cloud IAM Solutions: Provide IAM solutions for migrating or building new applications in the GBT environment across multiple Cloud providers, including but not limited to Azure and AWS.
  • Risk Management: Assist in identifying risks and issues and developing recommendations that address significant risks and complex issues.
  • Production Support: Participate in production support remediation activities.
  • Vendor Collaboration: Collaborate with vendors on root cause analysis.
  • Incident Mitigation: Help drive mitigation or elimination actions for future incidents.
  • Technical Documentation: Ability to produce high-quality documentation appropriate for its intended audience.
  • UI Collaboration: Work with internal teams on user interface documents and tutorials.
  • Process Visualization: Generate and maintain flowcharts, diagrams, and process diagrams.

6. Identity and Access Management Engineer Role Purpose

  • Architecture Collaboration: Work closely with Architects to contribute and deliver patterns and designs for new services and features for RELX's wide enterprise systems and applications.
  • Operational Management: Responsible for Operational Management of the RELX identity and access management platform, managing Active Directory and Azure AD Identity services, coordinating adoption, enhancements and changes that impact all RELX BUs.
  • Technical Leadership: Provide consultancy, leadership and promote best practices to the RELX business units in strategically important areas, specifically Microsoft on-premise and cloud-based services and applications.
  • Feature Planning: Recommend and plan the use of new features and functionality.
  • System Optimization: Improve overall system performance, security and availability as well as business productivity.
  • Team Problem-Solving: Problem-solving involves leading teams in identifying, researching, and coordinating the resources necessary.
  • Issue Troubleshooting: Effectively troubleshoot/diagnose complex project issues.
  • Standards Establishment: Establish standards and guidelines that are in place and are widely communicated to all stakeholders.

7. Identity and Access Management Engineer Responsibilities and Key Tasks

  • Policy Compliance: Ensure consistency and compliance across the organization.
  • Change Management: Ensure enterprise change management activities follow strict protocol and are handled in a concise, transparent and well-communicated manner.
  • Cross-Team Collaboration: Work closely with architecture, development groups, support groups, and vendors.
  • Operations Coordination: Coordinate special operations and communicate/escalate problems to meet assigned deadlines.
  • Performance Diagnosis: Diagnose system performance problems using available standard performance tools and system indicators.
  • Problem Recovery: Provide prompt recovery and problem escalation for the exceptions, extrapolating and integrating information within defined boundaries, using multiple system management and problem management tools.
  • Security Procedure Support: Assist in the development of comprehensive information security procedures and practices and the deployment of a detailed security audit.
  • Request Implementation: Proper management and implementation of team changes and service requests.
  • Task Execution: Create execution, documentation, and closure of tasks, changes, and requests.

8. Identity and Access Management Engineer Roles and Details

  • Software Development: Specify, design, configure and build security software solutions in an agile software development team.
  • Identity Platform Engineering: Build solutions for a customer identity and access platform that creates the foundation for identity and access for external and internal human and non-human identities.
  • Okta Integration: Implement, integrate and support Okta's cloud technologies into the IAM environment.
  • Cloud Migration: Migrate applications from the current IAM system to the Okta Cloud solution.
  • Identity Solutions: Build and implement highly available and secure Identity solutions.
  • Service Monitoring: Monitor usage and health of CIAM services and ensure SLA’s are met.
  • Security Collaboration: Partner closely with InfoSec, compliance, and other service owners responsible for establishing governance, policies, and requirements.
  • Security Expansion: Work closely with product owners to expand security services to additional products, services and systems.
  • Solution Planning: Contribute to solution scoping and effort sizing with cross-functional teams.

9. Identity and Access Management Engineer Responsibilities and Key Tasks

  • Project Leadership: Serve as a lead or key resource on IAM-related projects.
  • Access Management: Perform tasks related to end-user access, including user access provisioning, de-provisioning, and access modifications in various systems and applications.
  • Tool Deployment: Assist with the evaluation, testing, deployment, and management of tools supporting IAM-related activities.
  • RBAC Development: Assist with the development and maintenance of role-based access controls (RBAC).
  • Entitlement Review: Identify entitlement inconsistencies and provide a resolution.
  • Access Analysis: Analyze user access roles and security settings to independently assess compliance with defined standards.
  • Access Recertification: Conduct user access recertifications consistent with established processes.
  • Access Reporting: Prepare or obtain user and system access reports from trusted sources.
  • Documentation Review: Review and maintain department documentation to ensure it reflects current processes and procedures.
  • Standards Development: Assist with the development of IAM standards and procedures.
  • System Configuration: Work collaboratively with other IT teams to configure IAM tools and systems.
  • Standards Monitoring: Monitor distributed systems for consistency with IAM standards and guidelines.

10. Identity and Access Management Engineer Duties and Roles

  • System Administration: Responsible for administering key IAM systems.
  • Access Metrics: Assist with the development and reporting of access-related metrics.
  • IAM Compliance: Serve as a business unit resource for IAM projects and compliance with established processes.
  • Audit Remediation: Remediate audit, assessment, and examination findings and control gaps.
  • Incident Analysis: Support for 2nd-level support in the analysis of incidents.
  • Data Quality: Continuous improvement of the data quality in the IDM/IAM tools.
  • Strategic Planning: Responsible for the preparation of strategic decisions.
  • Solution Development: Plan, design and build IDM/IAM solutions and integrate with B.
  • Task Support: Plan and support daily administrative tasks, including performance monitoring, tuning, and troubleshooting.
  • Problem Resolution: Root cause analysis, provision of recommended solutions, proactive error prevention, installing upgrades, etc.
  • Concept Enhancement: Further development of the technical concept of the authentication and authorization processes.

11. Identity and Access Management Engineer Senior Role Purpose

  • IAM Utilization: Utilize IAM (Identity and Access Management) programs to enable federal, state, local and/or higher education clients to protect against digital identity risks.
  • Access Provisioning: Provide appropriate access to applications, systems, and data with advanced authentication.
  • Privileged Oversight: Oversee the spread of information with privileged access management.
  • Task Prioritization: Multitask and switch gears to meet changing priorities and tasks to accomplish goals/objectives.
  • Distributed Collaboration: Work in a distributed team environment where team members are spread across numerous locations and often communicate virtually to support clients' IAM applications.
  • Risk Evaluation: Identify and evaluate complex business and technology risks, internal controls that mitigate risks, and related opportunities for internal control improvement.
  • Control Assessment: Evaluate and support complex IAM and technology risks, internal controls that mitigate risks, and related opportunities for internal control improvement.
  • IAM Implementation: Responsible for designing, installing, implementing, architecting, configuring and maintaining one or more Identity and Access Management products such as Okta, SailPoint, ForgeRock, CyberArk, or other IAM technology in a client environment.
  • Technical Communication: Communicate the IAM aspects of both the production support and maintenance at the technical and functional level to maintain or resolve a technical situation.
  • Tech Enablement: Facilitate use of technology-based tools or methodologies to review, design and/or implement products and services.

12. IT Identity and Access Management Engineer Duties

  • IAM Lifecycle: Responsible for participating in designing, delivering, and supporting Identity and Access Management technologies throughout the identity and application lifecycle.
  • Workflow Optimization: Make recommendations to address business requirements and improve workflow with the effective involvement of support resources.
  • System Development: Develop, document, test, implement, and enhance Identity and Access Management Systems.
  • Process Definition: Assist with developing processes and procedures related to the IAM system.
  • Requirements Gathering: Work with the team to gather requirements and investigate solutions.
  • Configuration Analysis: Assist in the identification of alternative configurations and approaches to enable business needs.
  • Documentation Maintenance: Develop and maintain documentation on common tasks, procedures, data flow and business process diagrams.
  • Issue Troubleshooting: Troubleshoot issues/failures and document potential solutions.
  • Feature Deployment: Collaborate with the team to ensure the successful deployment of new features.
  • MFA Administration: Implement and administer multifactor authentication systems.

13. IT Identity and Access Management Engineer Details

  • Security Enhancement: Enhance security posture for computers and users.
  • AD Compliance: Support Active Directory (AD) environments in compliance with legal, regulatory and internal policies and standards, and ensure compliance of AD solutions.
  • Audit Participation: Participate in internal audits of identity and security roles.
  • User Support: Provide telephone, e-mail, and after-hours support to all sites using various tools.
  • Technical Documentation: Develop and maintain clear, concise, and accurate technical documentation for the application and supporting infrastructure environment, including detailed design documents, build procedures, training and technical support guidelines.
  • Usage Analysis: Analyze usage and trends, and evaluate vendor products for fit with established architecture.
  • System Monitoring: Monitor system health for assigned applications.
  • Issue Resolution: Consult with peers and SaaS providers to resolve issues.
  • Activity Logging: Document activities such as downtime, problems, and system configurations.
Relevant Information
What Does An Identity and Access Management Analyst Do?