JD North America

6 days ago

Morgan Hill, CA, United States Shoe Palace Full time
JD Group North America

SUMMARY

The position of Identity Governance & Administration (IGA) Engineer will deliver best-in-class design, implementation and management of our IGA solution in a large-scale, fast-paced retail environment.

This role requires deep SailPoint Identity Security Cloud (ISC) expertise, strong operational knowledge and the ability to work effectively across security, infrastructure, application and business teams.

This position reports to the Vice President, CISO.

ESSENTIAL DUTIES AND RESPONSIBILITIES

Include the following. Other duties may be assigned.
  • Own the Identity & Access Management (IAM) architecture roadmap with a strong focus on SailPoint ISC, authoritative data sources, and core directory services (Active Directory, Entra ID)
  • Design and govern identity lifecycle and access governance solutions for employees, contractors, vendors and service accounts
  • Architect and oversee implementations between IAM platforms and enterprise systems including POS, ERP, e-commerce platforms and cloud workloads
  • Define and implement robust a RBAC model, automated provisioning/deprovisioning and identity workflows within SailPoint
  • Provide guidance and architectural support for directory service modernization ensuring security and role modelling across hybrid IT estates
  • Lead the secure integration of Authentication & Authorization mechanisms (e.g. SAML, OIDC, OAuth2) for internal and customer facing applications
  • Support audit and compliance initiatives including PCI-DSS, GDP and internal policy enforcement
  • Evaluate new IAM technologies, tools and capabilities to maintain a forward-looking, strategic identity architecture
  • Collaborate with business and technical stakeholders to gather requirements and translate them into scalable SailPoint configurations
  • Integrate SailPoint ISC with enterprise systems and applications (both on-prem and cloud) via out of the box connectors or custom-built connectors
  • Implement identity governance policies, role models, access reviews and segregation of duties (SoD) controls
  • Monitor and maintain the health of the SailPoint ISC platform, troubleshoot issues and implement enhancements
  • Automate provisioning and de-provisioning for user access across multiple systems
  • Participate in security audits and contribute to compliance efforts by providing evidence and supporting documentation
  • Stay current with SailPoint updates, new features and industry best practices in identity and access management
  • Support hybrid environments by integrating Privilege Cloud with on-prem infrastructure and identity sources (e.g. Active Directory)
  • Collaborate with internal colleagues and teams to maintain optimal configuration, availability and performance.
  • Participate in security reviews and support audit-related activities related to privileged account governance
  • Provide integration support across ITSM ticket systems, SIEMs and CI/CD pipelines to ensure secure DevOps practices.
  • Perform regular health checks, maintenance and upgrades, and incident resolution for the SailPoint platform.
  • Provide level 2/3 support for SailPoint related issues and alerts.
  • Document architecture, procedures and incident response playbooks.
  • Work with Technology, Security and Application teams to understand access needs across the organization's systems and cloud environments
  • After hours support required.
  • Perform other identity Governance tasks as assigned.
SUPERVISORY RESPONSIBILITIES

None

QUALIFICATIONS

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
  • SailPoint certification (e.g. SailPoint IdentityNow Engineer or Architect)
  • Background in broader IAM concepts such as PAM, SSO, or MFA.
  • Security certifications such as CISSP, CISM or CCSP are a plus.
  • Knowledge of security frameworks, regulatory requirements and compliance standards (e.g. NIST, PCI DSS, GDPR).
EDUCATION and/or EXPERIENCE
  • Proven experience within Identity and Access Management, with significant hands-on experience with SailPoint (preferably ISC)
  • Strong understanding of identity lifecycle management, JML, RBAC/ABAC/PBAC, access certification and provisioning
  • Experience with SailPoint features such as:
    • IdentityNow configuration and deployment
    • Custom connector development
    • REST APIs and web services
    • Rules, roles, polices and workflows in SailPoint ISC
  • Familiarity with directory services (AD, Entra ID), HR systems and enterprise applications
  • Solid understanding of Windows/Linux systems, and cloud platforms (AWS, Azure, GCP)
  • Proficient in scripting and development languages such as PowerShell, Java or Python and experienced at utilizing SailPoint's own REST APIs
  • Excellent problem-solving skills and attention to detail
  • Strong written and verbal communication and collaboration skills
  • Detail-oriented with a strong security mindset and ability to think proactively.
Overall Purpose of the Role

Hibbett is looking for a hands-on, senior-level identity engineer who can own, architect, and operationalize the company's identity governance platform (SailPoint Identity Security Cloud) within a large, complex retail enterprise.
This is not just an administrative or support role - it's a technical leadership position within the cybersecurity organization, reporting directly to the CISO, focused on building and maturing Hibbett's IAM and governance capabilities.

Core Mission

To design, implement, and maintain secure, automated, and compliant identity and access governance systems that ensure:
  • Every user (employee, contractor, vendor, service account) has the right access.
  • Access changes are automated, traceable, and compliant.
  • Integrations across retail systems (POS, ERP, e-commerce, cloud) are secure and seamless.
  • The environment aligns with regulatory and audit standards (PCI, GDPR, etc.).
What Hibbett Specifically Wants

1.Deep SailPoint Identity Security Cloud Expertise
  • Act as the subject-matter expert for SailPoint ISC.
  • Architect, configure, and optimize the SailPoint platform (connectors, workflows, policies).
  • Implement RBAC (Role-Based Access Control), automated provisioning/deprovisioning, and SoD (Segregation of Duties) controls.
  • Maintain platform health, troubleshoot issues, and perform upgrades.
2.Architectural Ownership
  • Own the IAM / IGA roadmap, aligning it with broader enterprise security and technology strategy.
  • Design integrations with systems like Active Directory, Entra ID (Azure AD), POS, ERP, and e-commerce platforms.
  • Lead directory modernization and ensure consistent identity modeling across hybrid environments (on-prem + cloud).
3.Integration & Automation Skills
  • Build and maintain integrations with enterprise systems via APIs, connectors, and workflows.
  • Automate user lifecycle management across systems.
  • Connect SailPoint to ITSM (ServiceNow), SIEM, and DevOps pipelines to strengthen identity-driven security automation.
4.Governance & Compliance
  • Support audits (PCI-DSS, GDPR, internal IT policies).
  • Provide evidence, documentation, and reporting for compliance.
  • Maintain access certification campaigns and enforce governance controls.
5.Collaboration & Cross-Functional Influence
  • Partner with Security, Infrastructure, HR, Application, and Business teams.
  • Translate business access needs into technical configurations.
  • Serve as a technical advisor to leadership and peers on identity-related strategy and risks.
Preferred Experience & Background
  • Certifications:
    • SailPoint (IdentityNow Engineer or Architect) required/preferred
    • CISSP / CISM / CCSP - plus
  • Technical Exposure:
    • Directory services (Active Directory, Entra ID/Azure AD)
    • Authentication protocols: SAML, OAuth2, OIDC
    • Privileged Access Management (PAM) and Single Sign-On (SSO)
    • Hybrid and cloud environments (Azure, AWS)
    • Security frameworks: NIST, PCI-DSS, GDPR compliance
  • Soft Skills:
    • Strategic mindset (roadmap ownership)
    • Strong cross-team communication
    • Ability to operate under pressure in a fast-paced retail environment
    • Willingness to provide after-hours support
What "Success" Looks Like in This Role
  • SailPoint ISC is fully integrated and automated across all major enterprise systems.
  • Identity lifecycle management is streamlined and auditable.
  • Hibbett's IAM environment supports zero-trust security goals and regulatory compliance.
  • The engineer becomes the go-to internal expert on identity governance - influencing architecture, tools, and policy.
Alternate / Equivalent Job Titles in the Market

Hibbett's "IGA Engineer" aligns closely with:
  • Identity Governance Engineer
  • IAM Engineer (SailPoint focus)
  • Identity & Access Governance Architect
  • Identity Security Engineer
  • SailPoint Engineer / Architect
  • Identity Solutions Engineer


Equal Opportunity Employer
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.

  • Assembler 2 - Swing Shift

    2 days ago

    Morgan Hill, CA, United States Macom Technology Solutions Holdings, Inc. Full time

    Company Overview:MACOM designs and manufactures semiconductor products for Data Center, Telecommunication and Industrial and Defense applications. Headquartered in Lowell, Massachusetts, MACOM has design centers and sales offices throughout North America, Europe and Asia. MACOM is certified to the ISO9001 international quality standard and ISO14001...

  • Assembler 2 - Day Shift

    1 week ago

    Morgan Hill, CA, United States Macom Technology Solutions Holdings, Inc. Full time

    Company Overview: MACOM designs and manufactures semiconductor products for Data Center, Telecommunication and Industrial and Defense applications. Headquartered in Lowell, Massachusetts, MACOM has design centers and sales offices throughout North America, Europe and Asia. MACOM is certified to the ISO9001 international quality standard and ISO14001...

  • Assembler 2 - Day Shift

    5 days ago

    Morgan Hill, CA, United States Macom Technology Solutions Holdings, Inc. Full time

    Company Overview: MACOM designs and manufactures semiconductor products for Data Center, Telecommunication and Industrial and Defense applications. Headquartered in Lowell, Massachusetts, MACOM has design centers and sales offices throughout North America, Europe and Asia. MACOM is certified to the ISO9001 international quality standard and ISO14001...

  • Abercrombie & Fitch - Stock Associate, Gilroy Outlet

    7 days ago

    Morgan Hill, CA, United States Abercrombie and Fitch Co. Full time

    Company Description Abercrombie & Fitch Co. is a global, digitally led omnichannel specialty retailer of apparel and accessories catering to kids through millennials with assortments curated for their specific lifestyle needs. The company operates a family of brands, including Abercrombie & Fitch, YPB, abercrombie kids, Hollister and Gilly Hicks, each...

  • Abercrombie & Fitch - Stock Associate, Gilroy Outlet

    1 week ago

    Morgan Hill, CA, United States Abercrombie and Fitch Co. Full time

    Company Description Abercrombie & Fitch Co. is a global, digitally led omnichannel specialty retailer of apparel and accessories catering to kids through millennials with assortments curated for their specific lifestyle needs. The company operates a family of brands, including Abercrombie & Fitch, YPB, abercrombie kids, Hollister and Gilly Hicks, each...

  • Abercrombie & Fitch - Stock Associate, Gilroy Outlet

    2 weeks ago

    Morgan Hill, CA, United States Abercrombie and Fitch Co. Full time

    Company Description Abercrombie & Fitch Co. is a global, digitally led omnichannel specialty retailer of apparel and accessories catering to kids through millennials with assortments curated for their specific lifestyle needs. The company operates a family of brands, including Abercrombie & Fitch, YPB, abercrombie kids, Hollister and Gilly Hicks, each...

  • Abercrombie & Fitch - Stock Associate, Gilroy Outlet

    2 days ago

    Morgan Hill, CA, United States Abercrombie and Fitch Co. Full time

    Company Description Abercrombie & Fitch Co. is a global, digitally led omnichannel specialty retailer of apparel and accessories catering to kids through millennials with assortments curated for their specific lifestyle needs. The company operates a family of brands, including Abercrombie & Fitch, YPB, abercrombie kids, Hollister and Gilly Hicks, each...

  • Experienced Heavy Equipment Mechanic

    7 days ago

    Morgan Hill, CA, United States wm Full time

    Are you looking for stable work as an Experienced Heavy Equipment Mechanic with benefits that provide financial security for you and your family? Aspiring to advance in your heavy equipment career at a site that prides itself on employee safety? Searching for a company that prioritizes its employees' well-being and understands the importance of family time?...

  • Patient Care Technician

    1 week ago

    Pleasant Hill, CA, United States Fresenius Medical Care North America Full time

    PURPOSE AND SCOPE: Functions as part of the dialysis health care team in providing safe and effective dialysis therapy for patients under the direct supervision of a licensed nurse in accordance with organization policies, procedures, and training and in compliance with regulations set forth by the corporation, state, and federal agencies. Responsible for...

  • Customer Service Team Member

    2 weeks ago

    Pleasant Hill, CA, United States Michaels Stores Full time

    Store - BAY-PLEASANT HILL, CA Deliver friendly customer service, help customers shop our store, and find what they're looking for. Ensure all customers receive a fast and friendly checkout experience. Complete truck unloading and merchandise duties throughout the store including maintaining store recovery standards to deliver our Brand Promises. Help...