Infrastructure Security Engineer Jr - IAM

Ent Credit Union is merging with Wings Credit Union to expand resources and enhance member service. The Infrastructure Security Engineer Jr - IAM will provide first line defense for the credit union, operating IAM tools and collaborating cross-functionally to enforce security controls and reduce risk. Responsibilities - Respond to Level 1 support requests, including incidents, outages, bugs, and feature requests; monitor IAM environments and support change management across development, QA, and production - Maintain IAM policies, standards, procedures, and ensure solutions meet regulatory, audit, and internal requirements - Troubleshoot and resolve identity and access issues across enterprise systems - Configure, operate, and troubleshoot Active Directory (AD DS), cloud identity providers, and Active Directory Certificate Services (AD CS), including group policies, privileged group management, PIM, Conditional Access, MFA, passwordless technologies (e. g. , Windows Hello for Business, FIDO2), PKI certificates, and recovery from compromise scenarios - Partner with Risk & Compliance to produce audit-ready evidence and remediate findings - Coordinate with Cybersecurity Operations to respond to identity security events and support post-incident improvements with runbooks and metrics - Collaborate with platform and product teams to integrate IAM controls into CI/CD pipelines and change management processes - Execute user lifecycle operations, including onboarding, offboarding, and routine access requests - Write and maintain SOPs, runbooks, and knowledge base articles for operational consistency - Assist in implementing and optimizing RBAC and ABAC access controls - Integrate IGA platforms with HR systems (e. g. , UKG), directories (Active Directory), applications, and cloud services - Support the implementation and usage of IAM capabilities in enterprise systems, including improving authentication and authorization policies - Engineer and maintain PAM tools (e. g. , Delinea), including credential vaulting, session management, least-privilege strategies, and break-glass access processes - Integrate PAM with directories, servers, cloud platforms, and critical applications - Build and automate identity workflows, connectors, and integrations using APIs, scripting, or infrastructure-as-code tools (PowerShell, Python, IaC/PaC); document SOPs and architecture diagrams - Operate and harden security controls across identity platforms, embedding security by design in change requests and architecture reviews - Maintain secure identity configuration baselines and ensure IAM solutions meet compliance, audit, and regulatory requirements - Align identity security with the organization's overall security strategy to reduce risk - Stay current on identity technologies, risks and threats and participate in roadmap creation through organic releases and/or from business stakeholders - Research, develop, and understand authentication factors, associated risks and benefits, and the impact on user experience - Research, evaluate, recommend and implement new technologies/capabilities - Maintain up-to-date industry knowledge relative to Identity Security, IAM, PAM technologies and methodologies, risks and threats through courses, webinars, books, and self-study - Recommend changes to leadership based on this knowledge Skills - Bachelor's Degree Information Technology, Information Security, or relevant field of study - 1+ years' experience managing users, groups, roles, entitlements, and the identity lifecycle (Joiners/Movers/Leavers), including creating accounts for new users, handling transfers or promotions, and processing employee separations - 1+ Years' experience working with and troubleshooting auth protocols such as OIDC, OAuth2, SAML, LDAP, Integrated Windows Authentication - 1+ Years' experience understanding and abiding by policies that reflect system security objectives; ability to determine how a security system works (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes - Security+, SC 900/SC 300, SailPoint Identity Security Administrator Benefits - Generous 401(k) match - 401k Discretionary Profit Sharing - Health Insurance - Dental Insurance - Vision Insurance - Life Insurance - Short Term and Long Term Disability - Health Savings Account with company contribution - Employee Assistance Program - Paid Vacation, Sick, Floating Holidays and Volunteer Time Off - Paid Holidays - Tuition Reimbursement - Paid Parental Leave Company Overview - Ent Credit Union is a financial institution to improving members financial quality of life and returning value through better rates. It is a sub-organization of Wings Credit Union. It was founded in 1957, and is headquartered in Colorado Springs, Colorado, USA, with a workforce of 1001-5000 employees. Its website is https://www.ent.com/.