Senior IAM Engineer

Glocomms is partnered with a top-performing hedge fund to deliver a critical senior hire within their Identity & Access Management IAM function. This position will sit out of the firm's New York City HQ and offers the opportunity to work in a deeply technical, security-first environment where engineering excellence and operational precision are paramount.

The Senior IAM Engineer will be a key contributor to the design, development, and operation of the firm's identity infrastructure. This role requires a strong engineering mindset, deep technical expertise in authentication and authorization systems, and the ability to collaborate across teams to deliver secure, scalable solutions. The ideal candidate will bring a blend of hands-on development, infrastructure knowledge, and a deep understanding of modern identity protocols.

Key Responsibilities:

• Design and implement IAM solutions across a hybrid environment, integrating on-prem Active Directory with Entra ID (Azure AD).
• Develop and maintain automation scripts and tooling using PowerShell and Python to support identity lifecycle management, access provisioning, and compliance reporting.
• Engineer secure authentication and authorization mechanisms using Kerberos, OAuth, SAML, and LDAP.
• Manage and enhance PKI infrastructure, including certificate issuance, renewal, and revocation processes.
• Partner with infrastructure, security, and application teams to enforce access control policies and support Zero Trust initiatives.
• Participate in tabletop exercises, incident response planning, and post-incident reviews related to identity and authentication systems.
• Contribute to the evolution of the firm's Windows infrastructure, with a focus on identity, automation, and operational resilience.
• Provide technical leadership and mentorship to junior engineers and cross-functional partners.

Required Qualifications:

• Bachelor's degree in Computer Science, Engineering, or a related technical discipline.
• 7+ years of experience in IAM engineering, preferably in a high-security, high-availability environment such as financial services or technology.
• Deep expertise in Active Directory, Entra ID, and hybrid identity architectures.
• Proficiency in PowerShell and/or Python for automation and tooling.
• Strong understanding of authentication protocols and standards (Kerberos, OAuth, SAML, LDAP).
• Experience managing PKI and certificate-based authentication systems.
• Excellent communication skills, with the ability to translate complex technical concepts to non-technical stakeholders.

Preferred Experience:

• Prior experience in a hedge fund, investment bank, or similarly demanding technical environment.
• Familiarity with identity governance platforms and access review workflows.
• Exposure to modern identity frameworks and Zero Trust architecture principles.
• Experience participating in or leading tabletop exercises and IAM-related incident response.

Please note: This is a fully onsite role based in New York City. Candidates must be willing to work in-office five days a week. Relocation support is available for qualified candidates outside the area.