Identity And Access Management (IAM) Engineer (GOV) - Tempus - Remote Eligible

Identity And Access Management (IAM) Engineer

At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our employees feel respected, valued and have an opportunity to contribute to the company's success. As an Identity And Access Management (IAM) Engineer within PNC's Tempus Technologies organization, you may be based in a remote location. Tempus Technologies, Inc. is the expert leader of secure payments at the point of interaction. For more than 25 years, innovation and producing high quality custom-ready solutions is at the forefront of everything we do. We're committed to developing exceptional point-of-sale payment integration technology and software solutions to meet the growing needs of our customers' business requirements. Our knowledgeable and friendly employees are passionately dedicated to delivering world-class support to every client. We thrive in a transparent culture that understands the value of shared ideas, teamwork, and excellence in everything we do. The Identity And Access Management (IAM) Engineer is responsible for the hands-on engineering, integration, and operation of the organization's SailPoint IdentityNow platform. This role acts as the technical SailPoint subject matter expert, owning platform configuration, application integrations, identity lifecycle automation, and development of custom workflows and logic. The IAM Engineer partners closely with Security Operations, Infrastructure, Cloud, Application Engineering, Compliance, and Audit teams to ensure access is governed, automated, auditable, and aligned with least-privilege and regulatory requirements. The ideal candidate brings strong technical depth in SailPoint IdentityNow, a solid understanding of identity governance principles, and the ability to design scalable access solutions across SaaS, cloud, and hybrid environments.

Responsibilities:

• Core IAM Operations
• Implement, operate and support Access Management services, ensuring reliable and secure access provisioning and deprovisioning.
• Execute workforce and non-human identity lifecycle processes, including joiner, mover, and leaver (JML) events.
• Troubleshoot and resolve IAM-related incidents, provisioning failures, and data aggregation issues.
• Ensure IAM services meet availability, performance, and operational support expectations.
• Identity Governance & Administration
• Serve as the primary technical engineer and platform owner for SailPoint IdentityNow.
• Configure and maintain identity profiles, access profiles, provisioning policies, and lifecycle states.
• Implement and support access certifications, entitlement reviews, and remediation workflows.
• Develop and maintain role models, access policies, and governance controls aligned to least privilege.
• Support audit and compliance activities, including evidence collection and access review remediation.
• Application & System Integrations
• Integrate SailPoint IdentityNow with SaaS applications, cloud platforms, and on prem or hybrid systems.
• Design and implement account and entitlement aggregation for new and existing applications.
• Partner with application owners to define access models, provisioning behavior, and governance requirements.
• Support REST/API based integrations and custom application onboarding.
• Development & Automation
• Develop SailPoint IdentityNow components including transforms, workflows, rules, and forms.
• Automate access requests, approvals, and provisioning processes to reduce manual effort.
• Enhance identity data quality and correlation logic across authoritative source systems.
• Implement and maintain custom logic to support complex access use cases and edge conditions.
• IAM Platform Operations & Continuous Improvement
• Monitor and maintain SailPoint job schedules, aggregations, and provisioning execution.
• Analyze errors and trends to improve reliability and reduce operational toil.
• Maintain technical documentation, integration standards, and operational runbooks.
• Identify opportunities to improve scalability, automation, and governance maturity.

Key Relationships:

• Identity And Access Management Lead
• Security Operations & Application Security Teams
• IT Infrastructure & Cloud Engineering
• Software Development & Application Owners
• Compliance, Audit & Risk Management
• External Vendors & Implementation Partners

Qualifications:

• Strong hands-on experience with SailPoint IdentityNow (SaaS) in an enterprise environment.
• Experience integrating IAM solutions with SaaS applications, cloud platforms, and directory services.
• Working knowledge of IAM concepts including identity lifecycle management, RBAC/ABAC, and least privilege.
• Experience supporting access reviews, certifications, and audit evidence requests.
• Familiarity with authentication, authorization, SSO, MFA, and directory services (AD, LDAP).
• Strong troubleshooting, analytical, and problem-solving skills.
• Ability to work effectively with both technical and non-technical stakeholders.

This position may be eligible for remote work in select geographic locations, subject to approval by PNC. If approved, work must be conducted from a quiet, secure, and confidential home-based workspace. Occasional in-office participation may be required based on business needs.

PNC will not provide sponsorship for employment visas or participate in STEM OPT for this position.