SUMMARY:
-
POSITION INFO:
IAG Engineer | Johannesburg | Permanent
Shape how access is governed, secured, and automated across a complex enterprise environment. This is an opportunity to own and evolve a critical identity governance platform that directly impacts risk, compliance, and operational efficiency.
In this role, you will design, implement, and optimise Identity and Access Governance (IAG) solutions, ensuring seamless identity lifecycle management and robust access control across systems. You will work across platforms and stakeholders to automate provisioning, strengthen governance frameworks, and improve the overall maturity of identity management practices.
Our client is a well-established organisation operating in a highly regulated environment, with a strong focus on security, governance, and digital transformation. They are investing in modern identity solutions to enhance control, scalability, and user experience.
What You’ll Do
- Design, implement, and maintain IAG platforms such as SailPoint, Saviynt, One Identity, or Entra ID Governance
- Configure identity lifecycle workflows including joiner, mover, and leaver processes
- Manage integrations with Active Directory, Entra ID, HR systems, business applications, and cloud platforms
- Automate user provisioning and de-provisioning based on identity attributes
- Implement and enforce least-privilege access models
- Design and maintain business roles, IT roles, and entitlement models
- Conduct role mining and optimisation to reduce complexity and access sprawl
- Configure and manage access certification campaigns across users, privileged access, and applications
- Track review progress, exceptions, and remediation actions
- Provide audit-ready reporting and evidence of access approvals
- Drive automation using APIs, workflows, and scripting
- Collaborate with HR, IT, Security, Risk, Audit, and business stakeholders
What You Bring
- Bachelor’s degree in Computer Science, Information Systems, or a related field
- 5+ years of experience in identity governance or PAM engineering
- Strong experience with IAG platforms such as SailPoint, Saviynt, One Identity, or Entra ID Governance
- Deep understanding of identity lifecycle management and access provisioning models
- Solid knowledge of RBAC and directory services such as Active Directory and LDAP
- Strong analytical and problem-solving capability
- Ability to engage both technical and business stakeholders effectively
- Clear documentation and communication skills
- Detail-oriented with a risk-based mindset
What Success Looks Like
- Efficient and accurate identity lifecycle management processes
- Strong adherence to least-privilege access principles
- High-quality, scalable role and entitlement models
- Successful completion of access reviews and certifications
- Positive audit outcomes with minimal findings
- Stable, performant, and scalable IAG platform operations
