Cybersecurity Engineer Identity Governance & Administration (IGA)

• The position is described below. If you want to apply, click the button at the top or bottom of this page. After you click and complete your application, you'll be invited to create a profile, which will let you see your application status and any communications. If you already have a profile with us, you can log in to check status.
• Need Help? (https://pp-cdn.phenompeople.com/CareerConnectResources/prod/TBJTBFUS/documents/Career\_site\_FAQ-1758133253710.pdf) _If you have a disability and need assistance with the application, you can request a reasonable accommodation. Send an email to_ Accessibility (careers@truist.com?subject=Accommodation%20request) _(accommodation requests only; other inquiries won't receive a response)._

• Regular or Temporary:

• Regular

• Language Fluency:

• English (Required)

• Work Shift:

• 1st shift (United States of America)
• Please review the following job description:
• The Cybersecurity Engineer - IGA is responsible for supporting the onboarding of applications into the organization's Identity Governance & Administration (IGA) platform.

This role ensures applications are integrated with standardized access controls, federation, MFA, and Separation of Duties (SoD) policies. The engineer serves as a subject matter expert in identity lifecycle management, access certification, and governance processes, collaborating with application owners, security architects, and engineering teams to ensure secure, compliant access across the enterprise. Responsible for developing and maintaining the technical IT/cyber security capabilities necessary for safeguarding the firm's information systems and applications (software development lifecycle).

• This position requires onsite presence five days per week, with Raleigh, NC designated as the preferred location.

Charlotte/Wilson/Greensboro, NC and Atlanta, GA will also be considered. For this opportunity, Truist will not sponsor an applicant for work visa status or employment authorization, nor will we offer any immigration-related support for this position (including, but not limited to

H-1B, F-1 OPT, F-1 STEM OPT, F-1

CPT, J-1, TN-1 or TN-2, E-3, O-1, or future sponsorship for U.S. lawful permanent residence status.)

• Essential Duties and Responsibilities
• Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.
• Application Onboarding & Integration
• + Support the end‑to‑end onboarding of applications into the enterprise IGA platform (e.

g., SailPoint, Saviynt, Omada). + Conduct intake assessments to determine integration requirements such as access models, connectors, roles, and entitlements. + Collaborate with application owners to define access workflows, provisioning methods (API, SCIM, JDBC, AD groups, etc.), and approval paths. + Develop and maintain integration documentation and technical specifications.

• Federation & MFA Enablement
• + Work with IAM engineering teams to establish federation using SAML, OAuth, OIDC, or WS‑Fed.

+ Ensure the correct MFA policies are applied based on application sensitivity, user type, and organizational standards. + Validate that authentication flows follow Zero Trust principles and align with enterprise identity architecture. + Troubleshoot authentication, token, and SSO issues during onboarding or post-deployment.

• Separation of Duties (SoD) & Policy Enforcement
• + Implement and enforce SoD controls by aligning application entitlements to governance policies.

+ Conduct detailed SoD risk analysis for new applications to identify conflicts and propose remediation. + Collaborate with internal audit and compliance to maintain SoD rule sets and support audit findings. + Ensure access roles and entitlements are structured to prevent toxic combinations of privileges.

• Identity Lifecycle & Governance Support
• + Assist in maintaining identity data quality, entitlement hygiene, and governance standards. + Monitor the health, performance, and accuracy of application connectors.
• Security, Compliance & Risk Management
• + Ensure onboarded applications meet enterprise security baselines, MFA requirements, and identity governance policies. + Support compliance initiatives such as SOX, PCI, HIPAA, or internal audit reviews. + Contribute to risk assessments for new and existing application integrations. + Document and remediate gaps in access controls, authentication flows, or identity governance processes.
• Qualifications

• Required Qualifications:

• The requirements listed below are representative of the knowledge, skill and/or ability required.

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. + Bachelor's degree and five years of experience in systems engineering or administration or an equivalent combination of education and work experience + In-depth knowledge in applied enterprise information security technologies including but not limited to firewalls, intrusion detection/prevention systems, network operating systems, identity management, database activity monitoring, encryption, content filtering, and Mainframe security + Previous experience in planning and managing IT projects

• Preferred Qualifications:

• + Bachelor's degree and six years of experience or an equivalent combination of education and work experience + Banking or financial services experience +

Certifications:

• CIAM, CISM, CISSP, Security+, Azure/AWS identity certs
• , or vendor‑specific IGA certifications.

+ Background in enterprise directory services (Azure AD/Entra

ID, AD DS

). + Experience with large-scale enterprise application portfolios. + Excellent analytical and problem-solving skills + Strong documentation and communication abilities + Attention to detail and security risk awareness + Collaborative mindset

• This position requires onsite presence five days per week, with Raleigh, NC designated as the preferred location. Charlotte/Wilson/Greensboro, NC and Atlanta, GA will also be considered.
• Other Job Requirements / Working Conditions
• Sitting
• Constantly (More than 50% of the time)
• Visual / Audio / Speaking
• Able to access and interpret client information received from the computer and able to hear and speak with individuals in person and on the phone.
• Manual Dexterity / Keyboarding
• Able to work standard office equipment, including PC keyboard and mouse, copy/fax machines, and printers.
• Availability
• Able to work all hours scheduled, including overtime as directed by manager/supervisor and required by business need.
• Travel
• Minimal and up to 10%
• General Description of Available Benefits for

Eligible Employees of Truist Financial Corporation:

• All regular teammates (not temporary or contingent workers) working 20 hours or more per week are eligible for benefits, though eligibility for specific benefits may be determined by the division of Truist offering the position.

Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates. Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays. For more details on Truist's generous benefit plans, please visit our Benefits site (https://benefits.truist.com/) . Depending on the position and division, this job may also be eligible for Truist's defined benefit pension plan, restricted stock units, and/or a deferred compensation plan. As you advance through the hiring process, you will also learn more about the specific benefits available for any non-temporary position for which you apply, based on full-time or part-time status, position, and division of work.

• _Truist is an Equal Opportunity Employer that does not discriminate on the basis of race, gender, color, religion, citizenship or national origin, age, sexual orientation, gender identity, disability, veteran status, or other classification protected by law. Truist is a Drug Free Workplace._
• EEO is the Law (https://www.

eeoc.gov/sites/default/files/2022-10/EEOC\_KnowYourRights\_screen\_reader\_10\_20.pdf) E-Verify (https://pp-cdn.phenompeople.com/CareerConnectResources/prod/TBJTBFUS/documents/E-Verify\_Participation\_Poster-1757074518541.pdf) IER Right to Work (https://pp-cdn.phenompeople.com/CareerConnectResources/prod/TBJTBFUS/documents/IER\_RightToWorkPoster-1757074222028.pdf)