Principal Engineer - IAM

The NETS Group is a leading payments services group, enabling digital payments for merchants, consumers and banks across the entire payments value chain. 
 

The Group operates Singapore’s national debit scheme enabling customers of DBS Bank/POSB, HSBC, Maybank, OCBC Bank, Standard Chartered Bank and UOB to make payments using their ATM cards or mobile devices at more than 130,000 acceptance points in the country as well as online payments.

Position Summary

The IAM Engineer plays a critical role in designing, implementing, and maintaining identity and access management solutions that safeguard systems and data through strong authentication, authorization, and access controls.

The ideal candidate will work closely with IT, business application owners, security operations, and information security risk teams to deploy and optimise IAM platforms, develop access governance policies, and strengthen identity‑related detection, monitoring, and response capabilities.

Key Responsibilities

• Design and maintain the enterprise IAM architecture aligned with security strategy and business requirements.
• Design IAM solutions covering identity lifecycle management, SSO, MFA, RBAC/ABAC, and access governance.
• Translate business and application requirements into secure IAM designs and standards.
• Lead the implementation and configuration of IAM platforms across on‑prem, cloud, and hybrid environments.
• Integrate IAM solutions with directories, cloud services, and enterprise applications
• Implement and manage Joiner‑Mover‑Leaver (JML) workflows and automated provisioning/de‑provisioning.
• Establish and enforce access governance controls, including access reviews, certifications, and SoD policies.
• Work closely with vendors and system integrators to deliver IAM solutions, ensuring alignment with architectural and security standards.
• Review vendor designs, configurations, and deliverables to ensure security, scalability, and compliance.
• Collaborate with IT, Security, Risk, and business teams to continuously improve IAM controls and user experience.
• Continuously update the documentation to ensure the KOPs are available commensurate to daily activities.
• Manage and maintain the IAM solution to ensure they are running on approved stable versions.

Requirements

• Minimum 10 years of experience in Identity and Access Management (IAM), with strong hands‑on expertise in architecture, design, and enterprise‑scale implementations.

• Proven ability to design and maintain end‑to‑end IAM architectures across on‑premise, cloud, and hybrid environments.
• Extensive experience implementing and integrating IAM platforms including IGA, SSO, MFA, PAM, and directory services.
• Deep knowledge of identity lifecycle management, access provisioning/de‑provisioning, and governance controls such as access reviews and SoD.
• Strong expertise in IAM integration standards and protocols (e.g. SAML, OAuth 2.0, OpenID Connect, SCIM).
• Demonstrated experience working with IAM vendors and system integrators, including solution evaluation, design review, and implementation oversight.
• Solid understanding of security frameworks, risk, and regulatory compliance, with strong stakeholder communication and documentation skills.
• Strong coding experience (e.g. Java, Groovy, Python, REST APIs) to develop, customise, and maintain custom IAM connectors, plugins, and integrations.
• Relevant professional certifications required, such as SailPoint Certification, or equivalent IAM/security credentials.

Network for Electronic Transfers (Singapore) Pte Ltd.