Senior IBM (ISAM/ISVA) Engineer

We are seeking a senior-level IBM Security Access Manager (ISAM) / IBM Security Verify Access (ISVA) Engineer with deep expertise in designing, deploying, and operationalizing secure access management platforms from the ground up.

This role requires hands-on experience standing up the full ISAM/ISVA infrastructure, configuring clustering and high availability, implementing disaster recovery, and integrating the platform into complex enterprise environments. This is not a support-only or configuration-only role — the ideal candidate has built resilient ISAM/ISVA environments end-to-end and understands the infrastructure, networking, security, and performance considerations required to run the platform at enterprise scale.

This position is remote, but must be a resident in India

• Design and implement enterprise-grade ISAM / ISVA architecture

• Install and configure:

  • ISVA Virtual Appliances (Access Control, Federation, Advanced Access Control)

  • Web Reverse Proxy (WRP)

  • Policy Server

  • Runtime components

• Configure clustered deployments for scalability and redundancy

• Design and implement multi-tier environments (DEV, QA, PROD)

• Implement secure baseline configurations aligned with enterprise standards

• Design and configure:

  • Appliance clustering

  • Runtime high availability

  • Session failover and replication

  • Load balancing strategies (F5, Netscaler, etc.)

• Implement multi-data center deployments where required

• Develop and test disaster recovery procedures

• Configure database replication (if applicable)

• Perform failover and resiliency testing

• Integrate ISAM/ISVA with:

  • Active Directory / LDAP

  • SAML 2.0 / OIDC / OAuth providers

  • Enterprise applications (on-prem and cloud)

  • MFA providers

  • API gateways

• Implement:

  • Reverse proxy junctions

  • Access control policies

  • Federation trust relationships

  • Adaptive authentication and step-up authentication

• Configure advanced access control policies and contextual risk-based access

• Tune reverse proxy performance and connection handling

• Optimize authentication flows and federation transactions

• Conduct performance testing and capacity planning

• Troubleshoot latency, session issues, and authentication failures

• Automate appliance configuration using REST APIs and scripting

• Develop deployment automation (Shell, Python, Ansible, etc.)

• Support CI/CD integration for configuration promotion

• Implement configuration backup and version control processes

• Produce detailed architecture and topology diagrams

• Document build procedures and operational runbooks

• Provide structured handoff to operations/support teams

• 5+ years of hands-on experience with IBM ISAM / ISVA

• Proven experience deploying ISAM/ISVA from scratch in enterprise environments

• Strong experience with:

  • ISVA virtual appliances

  • Web Reverse Proxy configuration

  • Federation (SAML, OIDC, OAuth)

  • LDAP and Active Directory integration

  • Load balancers and networking fundamentals

• Demonstrated experience designing and implementing high availability and disaster recovery solutions

• Strong understanding of authentication protocols and identity federation

• Experience with Linux systems and networking (DNS, TLS, certificates)

• Strong scripting and automation skills

• Experience migrating from ISAM to ISVA

• Experience with containerized ISVA deployments

• Experience integrating ISVA with API security platforms

• Knowledge of zero trust architecture principles

• Experience in financial services, healthcare, or other regulated industries

• Security certifications (CISSP, CISM) or IAM-specific certifications

• Infrastructure-level expertise (not just policy configuration)

• Strong troubleshooting and root cause analysis skills

• Ability to design scalable, resilient, and secure access architectures

• Strong documentation and communication skills

• Ability to independently own platform build and lifecycle

• Fully operational ISAM/ISVA environment built and hardened from the ground up

• High availability architecture successfully implemented and tested

• Federation and access policies securely integrated across enterprise systems

• Clean documentation and operational handoff

• Stable, scalable access management platform ready for production