Apply now »

Engineer, IAM

Location: 

Bethpage, NY, US, 11714 Plano, TX, US, 75024

Brand:  Optimum
Requisition #:  12027

Are you looking to Optimize your life? Start your exciting path to a rewarding career today!

  
We are Optimum, a leader in the fast-paced world of connectivity, and we're seeking driven and enthusiastic professionals to join our team, empower lives, fuel businesses, and drive innovation. Connectivity is now longer a luxury, but a necessity. A career at Optimum means you'll be enabling progress and enhancing lives by providing reliable, high-speed connectivity solutions that keep the world connected. Our successes, now and in the future, are powered by our amazing product, a commitment to our people and culture, and the connections we make in our communities.


If you are resourceful, collaborative, and passionate about delivering consistent excellence, Optimum is for you! 

Job Summary

As an Identity & Access Management Engineer on the Customer IAM team, you are a hands-on practitioner responsible for the configuration, integration, and ongoing operations of our enterprise Customer IDP platform. You translate IAM strategy into working solutions, building authentication flows, provisioning connectors, and migration integrations that application teams across the company rely on every day.

You will work directly with application development teams to guide them through the adoption of modern authentication standards (OIDC, OAuth 2.0, SAML 2.0, FIDO2/WebAuthn), troubleshoot complex integration issues, and build the tooling and documentation that make a seamless customer experience possible. This role sits at the intersection of security engineering, platform operations, and developer experience.

Responsibilities

CIAM Platform Configuration & Operations

  • Administer and configure the enterprise customer identity platform, including application integrations (OIDC, SAML), authentication policies, MFA, and network/security settings
  • Manage identity data and lifecycle processes, including directory schema, attribute mappings, group rules, and automated provisioning/de-provisioning (SCIM, workflows)
  • Configure and maintain authorization services, including scopes, claims, and access policies aligned to application requirements
  • Monitor platform health and security using logs and SIEM integrations; investigate issues and execute remediation based on established runbooks
  • Maintain operational documentation, runbooks, and support materials for internal and customer-facing teams

Authentication Integration & Migration

  • Execute application migrations from legacy authentication systems to modern CIAM solutions using established playbooks
  • Configure and validate authentication integrations (OIDC, SAML), ensuring secure and seamless end-to-end authentication experiences
  • Test authentication and authorization flows across development, staging, and production environments, and coordinate issue resolution with application teams
  • Support implementation of advanced authentication methods, including MFA and passwordless or phishing-resistant mechanisms
  • Track migration progress and contribute to reporting for application onboarding and modernization efforts

Developer Support & Enablement

  • Serve as a technical advisor to application development teams integrating with the CIAM platform
  • Provide guidance on authentication design, token usage, and session management aligned with identity standards
  • Develop and maintain documentation, integration guides, and code samples to enable efficient onboarding
  • Troubleshoot complex authentication and provisioning issues using system logs, browser diagnostics, and application insights
  • Participate in architecture reviews and promote secure, standards-based identity patterns
  • Contribute to knowledge sharing through documentation, demos, and team enablement sessions

Security, Compliance & Continuous Improvement

  • Implement and maintain authentication and access controls aligned with enterprise security policies and data sensitivity requirements
  • Support audit and compliance activities (e.g., SOX, SOC 2, PCI-DSS) including evidence collection and access reporting
  • Participate in identity-related incident response and contribute to root cause analysis and process improvement
  • Maintain platform security hygiene, including policy reviews, removal of unused configurations, and credential/token management
  • Build and enhance automation using scripting or Infrastructure-as-Code tools (e.g., Terraform) to improve consistency and reduce manual effort
  • Contribute to CI/CD processes for identity configuration changes, including testing, peer review, and deployment
  • Evaluate new platform capabilities and support proof-of-concept implementations for continuous improvement

 

Qualifications

Required

  • Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or related field (or equivalent experience)
  • 3+ years of experience in Identity & Access Management, cybersecurity, or a related technical field with hands-on platform administration
  • Experience administering CIAM or identity provider platforms in production environments, including authentication policies, integrations, and lifecycle management
  • Working knowledge of identity standards and protocols such as OAuth 2.0, OpenID Connect (OIDC), SAML, and SCIM
  • Experience troubleshooting authentication and provisioning issues using logs, browser tools, and diagnostic methods
  • Ability to write code or automation scripts in at least one modern language (e.g., JavaScript, Python, Java, Go)
  • Experience working with application development teams in a technical advisory or enablement capacity
  • Familiarity with cloud platforms (AWS, Azure, or GCP) and identity integrations

At Optimum, every action and interaction we take part in, is driven by our three Guiding Principles: Do What’s Right, Drive One Optimum, and Make It Happen. These aren’t just words, they help us build trust, create real community, and embrace new ways of thinking. Our employees are empowered to do the right thing for our customers and co-workers and to recognize and reward these behaviors when we see them. It’s all part of the bigger picture of “Be The Difference” where each employee knows they have the power to enact real change, share new ideas, and understand that learning never stop.

 

If you have the drive to succeed and are ready to embark on a thrilling career, seize this opportunity today, and join our winning team. Together, we'll shape the future of connectivity.

 

All job descriptions and required skills, qualifications and responsibilities for a particular position are subject to modification by the Company from time to time, in the Company’s discretion based on business necessity.

 

We are an Equal Opportunity Employer committed to recruiting, hiring and promoting qualified people of all backgrounds regardless of gender, race, color, creed, national origin, religion, age, marital status, pregnancy, physical or mental disability, sexual orientation, gender identity, military or veteran status, or any other basis protected by federal, state, or local law.

The Company collects personal information about its applicants for employment that may include personal identifiers, professional or employment related information, photos, education information and/or protected classifications under federal and state law. This information is collected for employment purposes, including identification, work authorization, FCRA-compliant background screening, human resource administration and compliance with federal, state and local law.

 

Applicants for employment with The Company will never be asked to provide money (even if reimbursable) as part of the job application or hiring process. Please review our Fraud FAQ for further details.
 
 
Pay is competitive and based on a number of job-related factors, including skills and experience. The starting pay rate/range at time of hire for this position in New Yorkis $83,538.00 - $137,241.00 / year. For other locations, please inquire with your recruiter. The rates/ranges provided herein are the anticipated pay at the time of hire, and do not reflect future job opportunity.
 

We appreciate your interest in this opportunity. Applicants must be authorized to work for ANY employer in the U.S.  Please note that at this time, we do not provide visa sponsorship for employment.


Nearest Major Market: Long Island
Nearest Secondary Market: New York CIty

Apply now »