IAM System Engineer I (Hybrid)

Job Title

IAM System Engineer I (Hybrid)

Job Description

For more than 80 years, Kaplan has been a trailblazer in education and professional advancement. We are a global company at the intersection of education and technology, focused on collaboration, innovation, and creativity to deliver a best in class educational experience and make Kaplan a great place to work.

Our offices in India opened in Bengaluru in 2018. Since then, our team has fueled growth and innovation across the organization, impacting students worldwide. We are eager to grow and expand with skilled professionals like you who use their talent to build solutions, enable effective learning, and improve students’ lives.

The future of education is here and we are eager to work alongside those who want to make a positive impact and inspire change in the world around them.

The IAM Engineer performs advanced engineering, operations, and support for our enterprise Identity and Access Management (IAM) ecosystem. This role is vital in securing Kaplan’s and GHCO’s digital assets while ensuring seamless access for our workforce. You will own the full lifecycle — from architectural design to daily operations and patching— of critical systems including Microsoft Identity Manager (MIM), Citrix, Duo, Active Directory, AD DNS, ADCS, OneLogin, and Ping.

In addition to core IAM duties, this role drives the evolution of our identity stack into the cloud with Microsoft Entra ID (formerly Azure AD), implements Privileged Access Management (PAM) strategies, and manages foundational infrastructure such as Active Directory, AD DNS, Route 53, and Internal ADCS PKI.

Key Responsibilities:

• Translate business requirements into scalable and secure identity and access management (IAM) architecture and technical designs.
• Serve as the technical lead for IAM initiatives, guiding strategic improvements such as Entra ID migrations and PAM implementations.
• Design and implement automated identity lifecycle solutions using PowerShell and Microsoft Identity Manager (MIM/FIM) to eliminate manual processes.
• Engineer and optimize Microsoft Entra ID (Azure AD) configurations including Conditional Access, identity governance, and hybrid identity synchronization.
• Manage and maintain core IAM infrastructure including Active Directory, ADCS, MIM, Citrix, DNS, Route 53, PingFederate, OneLogin, and Duo.
• Implement and support Privileged Access Management (PAM), secrets management, LAPS, and multi-factor authentication controls.
• Maintain IAM platforms through patching, upgrades, and system hardening to ensure stability, security, and compliance.
• Develop architecture documentation, build procedures, test plans, and as-built documentation for reliable deployments.
• Provide Tier 2/3 troubleshooting and operational support for complex IAM issues including replication errors and system outages.
• Support security audits and compliance reviews, providing evidence and acting as a technical subject matter expert for IAM controls.
• Hybrid Schedule: 3 days remote / 2 days in office
• 30-day notification period preferred

Minimum Qualifications:

• Bachelor’s Degree in Information Systems, Engineering, IT, Computer Science, CyberSecurity or a related field. (Equivalent alternative education, skills, and/or practical experience is also acceptable.)
• 3+ years' experience as a Microsoft system administrator, including in-depth knowledge of Active Directory administration and support.
• Ability to translate business requirements into secure, scalable Identity and Access Management (IAM) architectures and technical designs.
• Experience designing automated identity lifecycle processes to replace manual IAM operations.
• Strong ability to produce technical documentation including architecture diagrams, build procedures, and test plans.
• Demonstrated capability to lead technical IAM initiatives and evolve enterprise identity governance platforms.
• Strong analytical and troubleshooting skills for complex authentication, directory, and identity infrastructure issues.
• Ability to design secure access control models, including privileged access strategies and credential protection.
• Experience maintaining highly available IAM infrastructure and ensuring operational reliability.
• Ability to support security audits and compliance reviews, providing evidence for identity-related controls.
• Technical expertise with Active Directory, Windows Server, Duo MFA, federated identity, and SSO platforms (Entra ID, ADFS, PingFederate, OneLogin).
• Strong scripting and infrastructure skills including PowerShell, SQL/LDAP queries, MIM/FIM development, DNS, PKI (ADCS), and general systems administration.

Preferred Qualifications

• Core Systems: Solid working knowledge of Citrix
• Operational Tools: Experience with Jira and Confluence for project tracking and documentation.
• Soft Skills: Excellent verbal/written communication and the ability to work with minimal supervision.

Beyond base salary, our comprehensive total rewards package includes:

Hybrid work model provides a flexible work/life balance

Voluntary Provident Fund is an additional voluntary contribution scheme associated with the statutory Employee Provident Fund (EPF)

Our Gift of Knowledge Program provides tuition assistance and substantial discounts for our employees and close family members

Comprehensive health benefits new hire eligibility starts on day 1 of employment

Generous Paid Time Off includes National holidays(10), Earned leaves(15), sick leave(12), plus one (1) volunteer day to participate and give back to our local communities

Gratuity is applicable upon completion of 5 years as per the Gratuity Act

We are committed to providing a supportive and rewarding work environment where every employee can thrive. You can learn more about our full benefits package and total rewards philosophy here.

At Kaplan, we believe in attracting, rewarding, and retaining exceptional talent. Our compensation philosophy is designed to be competitive within the market, reflecting the value we place on the skills, experience, and contributions of our employees, while taking into account labor market trends and total rewards. The specific compensation offered will be determined by a variety of factors, including but not limited to the candidate's qualifications, relevant experience, education, skills, and market data.

Location

Bangalore, KA, India

Additional Locations

Employee Type

Employee

Job Functional Area

Business Systems Operations & Support

Business Unit

00091 Kaplan Higher ED

Diversity & Inclusion Statement:

Kaplan is committed to cultivating an inclusive workplace that values diversity, promotes equity, and integrates inclusivity into all aspects of our operations. We are an equal opportunity employer and all qualified applicants will receive consideration for employment regardless of age, race, creed, color, national origin, ancestry, marital status, sexual orientation, gender identity or expression, disability, veteran status, nationality, or sex. We believe that diversity strengthens our organization, fuels innovation, and improves our ability to serve our students, customers, and communities. Learn more about our culture here.

Kaplan considers qualified applicants for employment even if applicants have an arrest or conviction in their background check records. Kaplan complies with related background check regulations, including but not limited to, the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. There are various positions where certain convictions may disqualify applicants, such as those positions requiring interaction with minors, financial records, or other sensitive and/or confidential information.

Kaplan is a drug-free workplace and complies with applicable laws.

Experience Level

Senior Level