Identity & Access Management (IAM) Engineer
Philippines - Home Working
World Vision
World Vision International, Christian relief and development organisation, dedicated toĀ helping the most vulnerable children overcome poverty and experience fullness of life.ĀWith 75 years of experience, our focus is on helping the most vulnerable children overcome poverty and experience fullness of life. We help children of all backgrounds, even in the most dangerous places, inspired by our Christian faith.
Come join our 33,000+ staff working in nearly 100 countries and share the joy of transforming vulnerable childrenās life stories!
Key Responsibilities:
The Identity and Access Management (IAM) Engineer partners closely with the Enterprise Architecture team to implement and support robust identity and access control solutions. In this role, you will translate architectural designs into production-ready configurations, ensure operational health of IAM platforms, and deliver hands-on support to maintain secure, compliant authentication and authorization across enterprise systems and cloud environments.Ā
Do you excel at converting architectural vision into operational identity solutions and delivering world-class support? Join our Global Technology Services team as an IAM Engineer, where youāll work hand-in-hand with our Enterprise Architecture group to implement, maintain, and support mission-critical access controls that secure our global NGO operations. If you thrive in an implementation-focused, collaborative environment and are passionate about driving continuous improvement in IAM, apply now to make a tangible impact!
Key Responsibilities:
Solution Implementation & IntegrationĀ
Work alongside the Enterprise Architect to translate IAM blueprints into scalable, production-grade deployments across Azure AD, OneLogin, or equivalent platforms.Ā
Configure authentication flows (e.g. SAML, OAuth2, OpenID Connect, LDAP) to realize single sign-on (SSO), multi-factor authentication (MFA), and zero-trust access models.Ā
Integrate on-premises Active Directory and cloud directory services, ensuring seamless synchronization and failover resilience.Ā
Operational Support & AdministrationĀ
Own day-to-day administration of IAM platforms: user provisioning/deprovisioning, group management, entitlement changes, and password self-service workflows.Ā
Monitor system health and performance, respond to alerts, and troubleshoot authentication or directory synchronization issues.Ā
Develop and maintain automation scripts (PowerShell, Python, Terraform) to streamline access lifecycle tasks and reduce manual effort.Ā
Access Governance & Compliance SupportĀ
Execute periodic access reviews and attestation campaigns under guidance from Architecture and Risk teams.Ā
Assist in remediation of segregation-of-duties conflicts, unauthorized access, and other compliance findings.Ā
Maintain documentation of access policies, runbooks, and change logs in alignment with audit requirements.Ā
Incident Response & Continuous ImprovementĀ
Serve as the primary support engineer for IAM-related incidents, conducting root-cause analysis and driving corrective actions.Ā
Capture service metrics (uptime, incident volume, resolution times) and collaborate with Architecture to enhance system reliability and user experience.Ā
Contribute to knowledge-based articles, shared runbooks, and training materials for IT operations and support teams.Ā
Stakeholder CollaborationĀ
Liaise with application owners, security operations, and infrastructure teams to onboard new applications and integrate their identity requirements.Ā
Provide Level 2/3 support and guidance to regional IT teams, ensuring consistent execution of IAM processes and rapid resolution of escalated issues.Ā
Key Skills and Competencies:
Bachelorās degree in Computer Science, Information Technology, or related field.
ITIL Foundation certification or equivalent IT service management experience.
Hands-on expertise with Azure Active Directory, Active Directory Federation Services (AD FS), and commercial IAM platforms (e.g. OneLogin, Okta, Ping, SailPoint).Ā
Strong scripting/automation skills (PowerShell, Python, Terraform) and familiarity with CI/CD pipelines.Ā
Proficient in authentication protocols (SAML, OAuth2, OpenID Connect) and directory services (LDAP, Kerberos).Ā
Excellent communicator capable of bridging architectural vision and operational execution.Ā
Certifications such as Microsoft Certified: Identity and Access Administrator, CISSP, or CIAM are advantageous.Ā
Applicant Types Accepted:
Local Applicants Only* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index š°
Tags: Active Directory Automation Azure CI/CD CISSP Cloud Compliance Computer Science Governance IAM Incident response ITIL Kerberos LDAP Okta OpenID PowerShell Python SailPoint SAML Scripting SSO Terraform
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.