Identity and Access Management (IAM) Senior Engineer (Hong Kong)

We’re seeking a hands-on IAM Senior Engineer to architect, build, and maintain world-class identity and access management solutions. You’ll collaborate with security, infrastructure, and application teams to deliver secure, scalable SSO/MFA, RBAC, and access governance processes that meet business and compliance needs.

Key Responsibilities

- Design, implement, and manage Single Sign-On (SSO) and Multi-Factor Authentication (MFA) solutions across on-prem and cloud environments.

- Lead integrations and customizations in Okta, Microsoft Entra ID (formerly Azure AD), SailPoint, Ping Identity/ForgeRock, Oracle Identity Manager, and Saviynt.

- Develop and maintain automation scripts using PowerShell and BeanShell to streamline user lifecycle, provisioning, and deprovisioning workflows.

- Architect and operationalize biometrics and passwordless authentication (FIDO2/WebAuthn) for high-security applications.

- Define, implement, and enforce role-based access control (RBAC) models, including role design, maintenance, and segregation of duties.

- Plan and execute periodic access recertifications and audits; partner with business owners to design approval and attestation processes.

- Troubleshoot identity, authentication, and authorization issues; perform root-cause analysis and remediation.

- Document architecture, processes, runbooks, and standard operating procedures; train stakeholders and support teams.

Required Skills and Experience

- 3+ years of hands-on experience in Identity and Access Management engineering.

- Deep expertise with SSO and MFA technologies, including Okta and Microsoft Entra ID.

- Solid working knowledge of SailPoint, Ping/ForgeRock, Oracle Identity, and Saviynt platforms.

- Proficiency in scripting in PowerShell and BeanShell for automation of IAM workflows.

- Experience with biometrics and modern passwordless solutions (FIDO2, WebAuthn).

- Strong understanding of RBAC design, role modeling, and SoD conflict analysis.

- Proven track record in conducting access recertifications and building approval/attestation processes.

- Familiarity with security protocols: SAML, OAuth2, OIDC, SCIM.

- Excellent communication skills and ability to work cross-functionally in a fast-paced environment.

Preferred Qualifications

- Certifications such as Okta Certified Administrator, Microsoft Certified: Identity and Access Administrator Associate, CISSP, or CISM.

- Experience integrating IAM with CI/CD pipelines and DevOps toolchains.

- Familiarity with cloud platforms (Azure, AWS, GCP) and their native IAM services.

- Exposure to directory services (Active Directory, LDAP) and federation technologies.

- Knowledge of compliance frameworks (PCI DSS, SOX, ISO 27001) and security best practices.

If this outstanding opportunity sounds like your next career move, please send your resume in Word format to Sedrick Chan at and put Identity and Access Management (IAM) Senior Engineer in the subject header. Data provided is for recruitment purposes only.

Pinpoint Asia is the leading specialist Financial IT recruitment firm in the Asia Pacific region. Visit Pinpoint Asia’s website at http://www.pinpointasia.com today to see other exciting job opportunities.