Johnson Controls
Produces HVAC, fire, security and building automation systems to optimize and protect buildings globally.
Senior Engineer - Zero Trust & IAM
Implement and manage Zero Trust and IAM solutions across enterprise environments.
Job Highlights
About the Role
• Developed technical strategies, architectures, and roadmaps for IAM initiatives • Ensured compliance with NIST, HIPAA‑HITECH, HITRUST, PCI, and GDPR
Key Responsibilities
- ▸iam strategy
- ▸iam architecture
- ▸roadmap development
- ▸regulatory compliance
What You Bring
Johnson Controls is seeking a Senior Engineer specializing in Zero Trust and Identity and Access Management (IAM). The ideal candidate has at least five years of experience implementing enterprise IAM and Privileged Access Management (PAM) solutions such as Saviynt, Okta, SailPoint, Ping Identity, Microsoft Identity Manager, or CyberArk in client environments. They must also be skilled at developing technical strategies, architectures, and roadmaps, and possess outstanding communication and presentation abilities to convey complex technical concepts to non‑technical audiences. Preferred experience includes hardening security for Active Directory, Windows, and Unix/Linux systems, as well as solid knowledge of software development principles and design patterns. Candidates should be familiar with IDaaS providers (Microsoft, Okta, Ping Identity, Google Cloud Identity) and cloud platforms (Azure, AWS, GCP) native IAM controls. Experience with identity governance tools, Microsoft 365, SAML, OIDC, applied cryptography, PKI, and programming languages such as Python, Java, C#, .NET, plus scripting, is also valued. In this role you will act as a key influencer for IAM proof‑of‑concepts, requests for proposals, and vendor selections. Additional responsibilities include leveraging user behavior analytics, integrating with enterprise systems like Workday, SAP, and Salesforce, and managing mobile device management solutions such as Intune or AirWatch. A strong understanding of regulatory frameworks (NIST, HIPAA‑HITECH, HITRUST, PCI, GDPR) and excellent written, verbal, and organizational skills are essential. • 5+ years implementing enterprise IAM and PAM solutions (e.g., Saviynt, Okta, SailPoint, CyberArk) • Strong communication and presentation skills for non‑technical audiences • Hardened security for Active Directory, Windows, and Unix/Linux environments • Applied software development principles, design patterns, and scripting • Experience with IDaaS providers (Microsoft, Okta, Ping Identity, Google Cloud Identity) • Implemented cloud‑native IAM controls on Azure, AWS, and GCP • Managed identity governance tools and processes (e.g., Saviynt, SailPoint) • Worked with Microsoft 365, SAML, OIDC, PKI, and applied cryptography • Proficient in Python, Java, C#, .NET, and web services (SOAP/REST APIs) • Influenced IAM proof‑of‑concepts, RFPs, and vendor selection processes • Utilized user behavior analytics and integrated with Workday, SAP, Salesforce • Managed MDM solutions such as Intune or AirWatch • Holds or pursues relevant certifications (CISSP, SANS, GIAC, OKTA Professional, Cloud Architect)
Requirements
- ▸5+ years
- ▸active directory
- ▸okta
- ▸sailpoint
- ▸cyberark
- ▸cissp
Work Environment
Office Full-Time