Identity and Access Management Engineer

Identity and Access Management Engineer

Unlock your potential with Dassault Systèmes, a global leader in Scientific Software Engineering as an Identity & Access Management Engineer (IAM) in Pune, Maharashtra!

In our APAC IT organization, we are looking for an experienced, innovative, and motivated IAM Engineer who will help us integrate our various technologies into a homogeneous secured user access experience.

As an IAM Engineer you’ll contribute towards our goals of achieving true Zero Trust identity access by levering your knowledge of IDP architecture and administration, Privileged Access Management (PAM), Principle of Least Privilege, Single Sign-On integrations, Multi-Factor authentication implementations, implementation of user Life Cycle Management, and the implementation of Role Based Access Control in Active Directory and various other critical environments.

This role requires hands-on experience in user lifecycle management, MFA integrations (Duo Security, Okta Verify, Yubikey, PKI, etc.), API-based automation, and federated identity standards (OIDC, SAML). The IAM Engineer will play a key role in maturing our zero-trust strategy and ensuring that identity remains the foundation of secure access across users, applications, and devices. You will be a key cross-functional resource who will work with different global stakeholders in the business to dive their infrastructures towards zero-trust access.

Role Description & Responsibilities:

• Design, implement, and maintain IAM solutions leveraging our IDP Okta, ADFS, and utilize CyberArk PAM to manage authentication, authorization, and privileged access.

• Help create, document, and implement identity management policies which will enhance our zero-trust posture

• Drive improvement in our RBAC in Active Directory

• Utilize our internal Microsoft PKI infrastructure to help secure various environments and leverage it as an MFA.

• Administer and integrate MFA solutions (e.g. Okta Verify, Okta Fastpass, Yubikey, Duo, & PKI) across corporate applications, Systems & Storage infrastructures, and network access devices and appliances.

• Develop, enhance, and manage user lifecycle automation (new joiners, movers, leaver processes) through identity governance and provisioning workflows.

• Integrate IAM with enterprise applications via REST APIs, SAML, OIDC, and SCIM for single sign-on (SSO) and secure provisioning.

• Collaborate with endpoint and device management teams to enable device-based conditional access and posture validation for zero-trust enforcement.

• Manage privileged accounts and credentials using CyberArk PAM, including password vaulting, privileged session management and recordings, SSH session integrations with Windows and Linux, and access policies.

• Monitor and troubleshoot IAM-related issues, including authentication failures, federation errors, and policy misconfigurations.

• Participate in IAM roadmap planning and contribute to the organization’s identity security architecture.

• Document IAM standards, configurations, and procedures to ensure compliance and repeatability.

• Opportunity to be part of a global team that is responsible for influencing and shaping a modern Zero Trust security architecture at a cutting edge software company.

• Work with cutting-edge IAM and ZTNA technologies.

• Collaborative culture focused on innovation, learning, and professional growth.

Qualifications:

• Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent degree and experience).

• 5 – 7 years of experience in Identity and Access Management or Information Security Engineering

• 4 – 6 years architecting, implementing, and administering Active Directory

• Strong hands-on experience with:

  
  Okta (Workforce Identity Cloud, Universal Directory, Lifecycle Management, Workflows)

  
  Microsoft ADFS / Azure AD / Entra ID

  
  CyberArk Privileged Access Management

  
  ZTNA and secure access platforms (e.g., Zscaler, Palo Alto Prisma Access, etc.)

  
  MFA solutions such as Duo Security, Okta MFA, PKI, and Yubikey implementations

• Expertise in SAML, OIDC, OAuth 2.0, and SCIM integrations.

• Working knowledge of REST APIs for integration and automations.

• Knowledge of Zero Trust frameworks, device trust validation, and secure endpoint integration.

• Experience with identity governance and user lifecycle automation.

• Strong troubleshooting, scripting, and analytical skills (PowerShell, Python or similar).

What’s in it for you?

• Provide local benefits to candidate

• Work in a fun, young & energetic team

• Very supportive mentor & leaders