Back to jobs

Identity and Access Management Engineer

Rocklin, CA; Spokane, WA (HQ)

AgWest Farm Credit is a member-owned financial cooperative that provides financing and related services to farmers, ranchers, agribusinesses, commercial fishermen, timber producers, rural homeowners and crop insurance customers in a seven-state territory in the Western United States. AgWest is part of the 100+ year-old Farm Credit System – the leading provider of credit to American agriculture.

AgWest champions the growth and advancement of agriculture, the value of rural communities, and the vital contribution our customers make to the economy and society. We serve customers in 59 locations throughout the West.

We are in search of an Identify and Access Engineer II or a Senior Identity Access Engineer III to join our Infrastructure and Operations department in Spokane, Washington, or Rocklin, California. This full-time position reports to the Senior Identity Access Management (IAM) Architect and is a practitioner role responsible for the configuration and implementation of IAM solutions. This role works closely with Security, Infrastructure, Human Resources, and Application teams to maintain robust identity lifecycle processes, authentication and authorization controls, and governance frameworks aligned with Zero Trust and least‑privilege principles. This role plays a critical part in advancing AgWest’s enterprise IAM maturity, enabling secure access, and supporting our cloud-forward strategy.

Compensation Information

The base salary range for this position in Spokane, WA is:

Level II: 
Typical starting range is: $72,600 - $99,900
Full base salary range is: $72,600 - $113,600
Annual performance-based incentive at target if 10% of base.

Level III:
Typical starting range is: $80,000 - $124,500
Full base salary range is: $80,000 - $142,000
Annual performance-based incentive at target is 12 or 15% of base depending on experience.

 

The base salary range for this position in Rocklin, CA is:

Level II: 
Typical starting range in Rocklin, California is: $83,100 - $114,600
Full base salary range in Rocklin, California is: $83,100 - $130,400
Annual performance-based incentive target is 10% of base.

Level III:
Typical starting range in Rocklin, California is: $91,500 - $143,000
Full base salary range in Rocklin, California is: $91,500 - $163,000
Annual performance-based incentive target is 12 or 15% of base depending on experience.

 

Essential Duties

Identity Lifecycle & Directory Services

  • Administer and optimize directory services such as Ping One, Entra ID, Active Directory, LDAP, and related identity repositories.
  • Maintain identity data integrity, attribute mappings, schema extensions, automated provisioning, and synchronization processes.
  • Identify gaps in lifecycle processes and recommend enhancements or workflow automation opportunities.

Access Management & Authentication

  • Implement and manage authentication methods.
  • Support and configure SSO integrations using SAML, OAuth, OIDC, and SCIM for enterprise SaaS and on-prem applications.
  • Configure Conditional Access, access packages, entitlement management, and Just-In-Time (JIT) controls

Engineering & Automation

  • Build and maintain identity automation using tools such as PowerShell, Graph API, REST APIs, or Logic Apps.
  • Analyze and improve IAM workflows, reduce manual touchpoints, and increase operational reliability.
  • Troubleshoot complex authentication, directory, and authorization issues across hybrid and cloud environments.

Collaboration & Support

  • Partner with application teams to onboard new systems to the IAM ecosystem.
  • Provide Tier 3 support for IAM‑related incidents and escalations.
  • Assist in IAM roadmap planning, tool evaluations, and proof‑of-concept initiatives.
  • Perform all duties and maintain all standards in accordance with company policies, procedures, and internal controls. 
  • Other duties as assigned.

Travel Requirements

  • AgWest employees may occasionally be asked to travel for all-staff or team meetings not included in the standard travel requirements for the role.

Minimum Qualifications

  • Generally, requires five to seven years’ experience in IAM engineering, security engineering, or related roles
  • Proficiency with Entra ID / Azure AD, Active Directory, Conditional Access, authentication protocols, and SSO/SaaS integrations
  • Strong scripting skills (PowerShell highly preferred)
  • Understanding Zero Trust architecture, least privilege principles, and modern identity frameworks
  • Hands-on experience with MFA, identity federation, and access governance

Preferred Qualifications

  • Experience with IAM tools such as SailPoint, Saviynt, Okta, Ping, CyberArk, or BeyondTrust
  • Familiarity with automation/orchestration (Logic Apps, Azure Automation, Identity Governance workflows, etc.)
  • Knowledge of cloud security (Azure, AWS, or GCP)
  • Certifications such as Microsoft Certified: Identity & Access Administrator, SC‑300, CISSP, or similar
  • Familiarity with identity governance, access reviews, and compliance frameworks (e.g., SOX, NIST)

Workplace Flexibility

  • After an initial in-office training period, this position is eligible for workplace flexibility and a one-time home office stipend.

Benefits Offered by AgWest

  • Medical, dental, and vision insurance 
  • Basic term life and AD&D insurance (fully paid for by the company)
  • Paid days off annually: 15 vacation*, 15 sick, 12 holidays and 3 volunteer
  • 401(k) plan (6% match plus 3% employer contribution)
  • Employee Assistance Program
  • Wellness Program
  • Jeans are welcome at work every day at AgWest! 

*Vacation accrual rates increase with tenure.

Details about insurance and retirement benefits are available at:  https://www.farmcreditfoundations.com/fcfbenefits

#LI-Hybrid 

Job level and starting annual salary will be based on a variety of factors including but not limited to experience, education, certifications/licensure, internal equity, location, business needs and market demands. The listed compensation and benefits information is accurate as of the posting date. AgWest reserves the right to adjust compensation for all positions and modify or discontinue benefits programs at its sole discretion, subject to applicable law.

Qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender orientation, national origin, marital status, age, disability, protected veteran status, or any other classification protected by law.

When you apply for a position with AgWest Farm Credit, we collect personal identifiers (from your resume and other application information you submit), such as your name, email address, mailing address, telephone number(s) and employment and education related information. This helps us evaluate job applicants for hiring opportunities, and, communicate with them. 

To comply with federal regulations for equal employment opportunity and affirmative action (EEO/AA), we track our applicants by gender, race/ethnicity, veteran status, disability status, and the position for which they applied. You will be presented with a voluntary self-identification form as part of this application; we wanted you to know why we collect this information and what we do with it.  Please be aware that this information is kept separate from your application, and not utilized in the selection process. 

For more information about the information AgWest Farm Credit collects, please see the AgWest Farm Credit California Privacy Policy.

Create a Job Alert

Interested in building your career at AgWest Farm Credit? Get future opportunities sent straight to your email.

Apply for this job

*

indicates a required field

Resume/CV*

Accepted file types: pdf, doc, docx, txt, rtf

Cover Letter

Accepted file types: pdf, doc, docx, txt, rtf

Select...
Select...
Select...
Select...
Select...
Candidate Sign Off *

Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in AgWest Farm Credit’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Select...
Select...
Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Select...

Voluntary Self-Identification of Disability

Form CC-305
Page 1 of 1
OMB Control Number 1250-0005
Expires 04/30/2026

Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

  • Alcohol or other substance use disorder (not currently using drugs illegally)
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
  • Blind or low vision
  • Cancer (past or present)
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or serious difficulty hearing
  • Diabetes
  • Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
  • Epilepsy or other seizure disorder
  • Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
  • Intellectual or developmental disability
  • Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
  • Missing limbs or partially missing limbs
  • Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
  • Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
  • Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
  • Partial or complete paralysis (any cause)
  • Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
  • Short stature (dwarfism)
  • Traumatic brain injury
Select...

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.