IT Engineer

Location: Thiruvarur, Tamil Nadu (Onsite)Function: Security Engineering / Platform (Identity & Access Management)Why this role matters We’re working on a secure, multi-tenant SaaS platform and need a hands-on IAM engineer to own the end-to-end identity lifecycle and authorization model—down to table/row/column-level policies. You’ll standardize Joiner-Mover-Leaver (JML) workflows, lead least-privilege RBAC across the product and business apps, and automate everything you can.What you’ll do Own the IAM lifecycle: Design, develop, and standardize identity lifecycle workflows for employee and service accounts (JML, break-glass, access reviews).Automate provisioning: Configure and maintain automated workflows for provisioning, de-provisioning, and access changes using IdP workflows and APIs to eliminate manual effort and reduce MTTR.Integrate the stack: Complete and maintain key IdP integrations (varying complexity) with business apps and internal services using SCIM 2.0 and OIDC/SAML .Drive least-privilege: Lead the organization-wide RBAC initiative so access maps to job function and need; partner with stakeholders to set/enforce policy.Engineer data-layer RBAC: Design and enforce fine-grained authorization at the schema/table/column/row level (e.g., Postgres RLS, column masking) using attributes like organization, region, and role.Harden the platform: Implement policy-as-code (e.g., OPA/Rego), secrets management, and auditable change controls (GitOps) for IAM.Document everything: Keep clear runbooks, diagrams, and standards for core applications, policies, and processes.Operate & respond: Triage and resolve identity incidents and escalations; drive root-cause and prevention.Governance & culture: Establish IAM policies and guardrails that foster a least-privilege culture across engineering, IT, and business teams.You may be a great fit if you Bring 5+ years in fast-paced SaaS environments focused on Identity & Access Management (Okta strongly preferred).Have subject-matter expertise in IdP implementation, JML automation , and integrating SaaS apps using APIs, SCIM, OIDC/SAML .Have led or played a key role in large-scale access-controls/RBAC deployments with cross-functional change management.Partner smoothly with stakeholders to synthesize and present solutions that improve business efficiency .Work autonomously with methodical planning, visibility, and crisp execution.Embrace feedback and a growth mindset ; stay current on identity, security, and privacy best practices.Core skills we value Identity: Okta (or similar IdP), Okta Workflows, Lifecycle/JML, adaptive MFA, SCIM directories, groups & claims mapping.AuthZ (product & data): RBAC/ABAC design; PostgreSQL GRANTs & Row-Level Security ; column masking/tokenization; Snowflake/Trino/ClickHouse RBAC a plus.Automation: Scripting ( Python/Go/Bash ), Terraform (incl. Okta/AWS providers), CI/CD, GitOps for policy changes.APIs & Integrations: REST/JSON, webhooks, SCIM servers/clients, service