IAM Engineer

Tradeweb Markets is seeking a detail-oriented, results-driven IAM Engineer to join our Identity & Access Management (IAM) team. The ideal candidate will work across the full identity lifecycle—designing and integrating enterprise applications into our SSO infrastructure using modern federation standards (SAML, OIDC, OAuth2), while also onboarding those applications into our IGA platform (such as SailPoint, Saviynt, or equivalent) to enforce role-based access control (RBAC), streamline entitlement reviews, and support regulatory compliance initiatives.

Requirements

• Support the implementation of access certification processes within the IGA platform (e.g., SailPoint, Saviynt) to ensure periodic entitlement reviews align with least-privilege principles and compliance requirements.
• Contribute to the integration of applications with Single Sign-On (SSO) using identity federation protocols such as SAML, OIDC, and OAuth2, collaborating with application teams and security architects.
• Work closely with IAM architects and application teams to onboard applications into the IGA platform, ensuring entitlement data, user attributes, and provisioning rules are accurately mapped and configured.
• Analyze access patterns and application entitlements to assist in role mining, entitlement rationalization, and the development of scalable, governance-aligned role models.
• Document technical specifications, data mappings, and integration workflows for SSO and IGA implementations, supporting both technical teams and audit requirements.
• Configure and maintain integrations between target systems and the IGA platform, ensuring proper lifecycle management of users and entitlements.
• Assist in the creation of access policies and role definitions, aligning with business and compliance requirements.
• Generate reports and provide evidence for audit activities, including entitlement reviews, access request histories, and policy enforcement logs.
• Identify technical gaps or inconsistencies in access controls, provisioning workflows, or entitlement structures and propose engineering solutions to address them.
• Participate in testing, validation, and deployment of IAM-related changes, ensuring proper functionality across SSO and IGA components.
• Provide technical support and knowledge sharing to application teams and business stakeholders around IAM integration processes and access governance best practices.