IAM Engineer

Calling all originals: At Levi Strauss & Co., you can be yourself — and be part of something bigger. We’re a company of people who like to forge our own path and leave the world better than we found it. Who believe that what makes us different makes us stronger. So add your voice. Make an impact. Find your fit — and your future.

We are looking for a well-rounded and hands-on IAM Engineer with strong experience in IGA development as well as a solid foundation in the broader Identity and Access Management ecosystem, including Microsoft Entra (Azure AD), Privileged Access Management (PAM) tools like Delinea, and SSO/MFA solutions. This role will be instrumental in supporting and evolving our global IAM platforms, driving identity governance, secure access, and regulatory compliance.

About the role:

Saviynt IGA (50%)

• Design, develop, and configure IGA platform components (e.g., Saviynt or similar), including identity lifecycle (JML), access requests, certifications, workflows, and policy engine.
• Build and maintain connectors and integrations with enterprise systems (e.g., Entra ID, ServiceNow, SAP, cloud apps) using REST APIs, SCIM, JDBC, PowerShell, or similar technologies.
• Develop and customize workflows, business rules, and provisioning logic to automate access request, approval, and deprovisioning processes.
• Implement and optimize access governance capabilities, including access certifications, remediation workflows, and audit-ready controls.
• Define and enforce RBAC/ABAC models, including role mining, role design, and entitlement standardization.
• Design and implement Segregation of Duties (SoD) policies, rules, and monitoring controls within the IGA platform.
• Onboard applications into the IGA ecosystem, including data mapping, schema design, identity correlation, and reconciliation logic.
• Collaborate with business, security, and audit stakeholders to translate requirements into scalable IGA solutions, including reporting, dashboards, and analytics.

• Configure and manage Entra ID (Azure AD) including Conditional Access, MFA, and identity protection.
• Support Privileged Identity Management (PIM) and privileged access governance.
• Monitor and investigate identity and cloud threats using Microsoft Defender tools.
• Assist with alert triage and incident response using Microsoft Sentinel

• Bachelor’s degree in computer science, Information Security, or related field.
• 3–5 years of experience in Identity & Access Management (IAM) / IGA and cybersecurity
• Strong hands-on experience with IGA platforms (Saviynt, SailPoint, or similar).
• Strong scripting and integration skills (Beanshell, PowerShell, REST APIs, SQL).
• Working knowledge of IAM concepts including RBAC/ABAC, provisioning, JIT access, and compliance controls.
• Exposure to or experience with Microsoft Entra (Azure AD), Delinea or other PAM tools, and SSO/MFA platforms.
• Familiarity with identity protocols (OAuth, SAML, OpenID Connect).
• Strong analytical, communication, and documentation skills in English.
• Familiarity with security frameworks and compliance standards like SOX, GDPR, ISO 27001.
• Good communication skills in English (both verbal and written).

Benefits

We put a lot of thought into our programs to provide you with a benefits package that matters. Whether it is for medical care, taking time off, improving your health or planning for retirement, we've got you covered.

Here's a small snapshot:

· Complimentary preventive health check-up for you & your spouse

· OPD coverage

· Best in class leave plan including paternity & family care leaves

· Counselling sessions to prioritize mental well-being

· Exclusive discount vouchers on Levi's products

We are an Equal Opportunity Employer committed to empowering individuals from all walks of life to achieve their professional goals with us, regardless of race, religion, gender, gender identity, pregnancy, disability, sexual orientation, age, national origin, citizenship status, or genetic information. We actively seek and encourage applications from diverse candidates, including those with disabilities, and offer accommodations throughout the selection process upon request. To ensure that our products and culture continue to incorporate everyone's perspectives and experience, we never discriminate based on race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status.