At Allstate, great things happen when our people work together to protect families and their belongings from life’s uncertainties. And for more than 90 years, our innovative drive has kept us a step ahead of our customers’ evolving needs. From advocating for seat belts, air bags and graduated driving laws, to being an industry leader in pricing sophistication, telematics, and, more recently, device and identity protection.
Job Description
We are seeking a skilled and motivated SailPoint Identity & Access Management (IAM) Engineer to join our team. This role is ideal for professionals with hands-on experience in SailPoint IdentityIQ, who are passionate about securing digital identities and enabling seamless access across enterprise systems. You will play a key role in designing, implementing, and supporting IAM solutions that align with Allstate’s security policies and business objectives.
Key Responsibilities
Implement and maintain SailPoint IdentityIQ solutions, including lifecycle management, access certifications, and role-based access controls.
Collaborate with cross-functional teams to gather requirements and deliver IAM services that meet business needs.
Support onboarding of applications into SailPoint, including connector configuration and policy setup.
Troubleshoot and resolve IAM-related issues, ensuring minimal disruption to business operations.
Participate in audits and compliance activities by providing documentation and evidence of IAM controls.
Monitor and optimize IAM processes for performance, scalability, and security.
Assist in the development of IAM standards, procedures, and best practices.
Key Qualifications
5+ years of development experience in Identity & Access Management, with hands-on expertise SailPoint IdentityIQ required.
Strong understanding of IAM concepts: provisioning, de-provisioning, access reviews, RBAC, certification, and SOD.
Experience with scripting languages (e.g., BeanShell, PowerShell, or Python) for customization and automation.
Experience in cloud IAM (e.g., Azure AD, AWS IAM).
Familiarity with directory services (LDAP, Active Directory), SSO, and authentication protocols (SAML, OAuth, etc.).
Knowledge of regulatory frameworks (e.g., SOX, HIPAA, GDPR) and their impact on IAM.
Effective communication skills, with the ability to convey technical concepts to non-technical stakeholders.
Excellent problem-solving skills with the ability to assess complex situations and provide actionable solutions.
Bachelor’s degree in Computer Science, Information Security, or related field preferred.
#LI-JJ1
Skills
Active Directory (AD), Application Infrastructure, Cloud IAM, Design, General Data Protection Regulation (GDPR), Identity Access Management (IAM), IT Infrastrcuture Project Management, IT Security Operations, LDAP Authentication, Python (Programming Language), Role Based Access Control (RBAC), SailPoint IdentityIQ, Scripting, Security Assertion Markup Language (SAML), Single Sign-On (SSO), Solution Engineering, Strategic Collaborations, Windows PowerShell
Compensation
Compensation offered for this role is 75,100.00 – 126,325.00 annually and is based on experience and qualifications.
The candidate(s) offered this position will be required to submit to a background investigation.
Joining our team isn’t just a job — it’s an opportunity. One that takes your skills and pushes them to the next level. One that encourages you to challenge the status quo. One where you can shape the future of protection while supporting causes that mean the most to you. Joining our team means being part of something bigger – a winning team making a meaningful impact.
Allstate generally does not sponsor individuals for employment-based visas for this position.
Effective July 1, 2014, under Indiana House Enrolled Act (HEA) 1242, it is against public policy of the State of Indiana and a discriminatory practice for an employer to discriminate against a prospective employee on the basis of status as a veteran by refusing to employ an applicant on the basis that they are a veteran of the armed forces of the United States, a member of the Indiana National Guard or a member of a reserve component.
For jobs in San Francisco, please click “here” for information regarding the San Francisco Fair Chance Ordinance.
For jobs in Los Angeles, please click “here” for information regarding the Los Angeles Fair Chance Initiative for Hiring Ordinance.
To view the “EEO Know Your Rights” poster click “here”. This poster provides information concerning the laws and procedures for filing complaints of violations of the laws with the Office of Federal Contract Compliance Programs.
To view the FMLA poster, click “here”. This poster summarizing the major provisions of the Family and Medical Leave Act (FMLA) and telling employees how to file a complaint.
It is the Company’s policy to employ the best qualified individuals available for all jobs. Therefore, any discriminatory action taken on account of an employee’s ancestry, age, color, disability, genetic information, gender, gender identity, gender expression, sexual and reproductive health decision, marital status, medical condition, military or veteran status, national origin, race (include traits historically associated with race, including, but not limited to, hair texture and protective hairstyles), religion (including religious dress), sex, or sexual orientation that adversely affects an employee’s terms or conditions of employment is prohibited. This policy applies to all aspects of the employment relationship, including, but not limited to, hiring, training, salary administration, promotion, job assignment, benefits, discipline, and separation of employment.
Allstate provides a comprehensive technology setup, including a laptop, monitors, headset, keyboard, and mouse. Employees eligible to work from home also receive a monthly connectivity reimbursement to help offset internet costs.
When working from home, you must have a dedicated, private workspace free from distractions, along with appropriate desk and seating. Reliable internet is required, with minimum speeds of 50 MB download and 5 MB upload.
