Identity and access management engineer - Assoc Manager

Overview

Role description

The Identity Access Management (IAM) Engineer will be the senior technical SME in the IAM organization and is responsible to architect, design, Implement and support access management solutions in distributed OnPrem & Cloud infrastructure. Skilled in troubleshooting complex technical issues. Works closely with enterprise architects to ensure adequate security solutions are in place to mitigate identified risks sufficiently, while meeting business objectives and regulatory requirements. Provides technical leadership and deliver complex projects.

Responsibilities

Accountabilities

• Provides subject matter expertise in solutioning and implementing access management requirements

• Provides advanced architecture and engineering support to automate and administrator identity and compliance requirements.

• Drives planning and execution of identity management roadmaps and technology enhancements.

• Creates and maintains standards surrounding documentation related to identity processes, procedure and infrastructure.

• Assesses current applications and architecture to ensure current implementations align with industry guidelines, best practices and management approved standards.

• Contribute to the development of the workforce and customer identity and access management strategy.

• Collaborate with Solution Architects, application development teams, Cybersecurity staff, and the Infrastructure team to define the enterprise IAM strategy.

• Provide level 3 production support to help diagnose and troubleshoot production issues.

• Adapt the architecture to evolving security conditions and support security guidelines.

• Develop and deliver applicable documentation, training, and knowledge transfer to both internal and external stakeholders.

• Foster the Agile DevOps culture through latest toolset to improve customer satisfaction through rapid, continuous delivery

Qualifications

Experience required

• 8+ years of total IT experience

• Bachelors in engineering, Computer Science, or related field

• 6+ years of experience in broader IAM technologies and cybersecurity practices

• 4+ years as SME/Architect in IAM including workforce and CIAM

• 4+ years hands-on experience in implementing simple to complex SSO integrations leveraging modern protocols and legacy header based architectures

• 4+ years in Okta and/or relevant access management tools

• 3+ years of development experience using Java, J2EE, JavaScript, python and XML.

• 4+ years of experience with Linux and Windows platforms, middleware, Apache and load balancers

• 5+ years of experience developing workflows, custom connectors, and troubleshooting issues

• 5+ years of experience in data security practices and procedures, including systems analysis, authentication technologies, and access controls

• 4+ years working with Agile and DevOps tools and methodologies

• Minimum Okta Certified Administrator; Okta Certified Consultant and/or Okta Certified Developer preferred.

• CISSP / CIAM Certification is a plus

• Experience in Siteminder is preferred

Mandatory Technical Skills

• Experience in architecting, designing and leading identity lifecycle management efforts

• Strong expertise in designing solutions with the standard IAM platforms like Okta, PingFederate in enabling single sign-on services for both cloud and on-prem applications.

• Hands-on experience in building SSO solutions with various protocols like SAML, OAuth, OIDC, and headers based applications and platforms, preferably Azure AD, Ping, and Siteminder

• Experience in directory services like Oracle LDAP, and AD

• Good understanding of the latest security principles like zero trust and passwordless authentication to implement new standards in the authentication model

• Experience with Okta Customer Identity products (CIAM) required

• Must have working knowledge of Okta Lifecycle Management and Administrative APIs

• Ability to implement automated provisioning of end-point by using custom provisioning flows, SCIM or JIT capabilities.

• Experience with solutions like CyberArk, BeyondTrust, RSA or comparable products.

• Excellent understanding of REST integration concepts

• Strong experience with C#, Java, or another object-oriented programming language preferred

• Experience with JavaScript, Python, Ruby, PowerShell, or other scripting languages preferred

• Familiarity with Agile and DevOps tools and methodologies

• Minimum Okta Certified Administrator; Okta Certified Consultant and/or Okta Certified Developer preferred.

• CISSP / CIAM Certification is a plus

• Experience in Siteminder is preferred

Mandatory Non-technical skills

• Strong English oral and written communications skills
• Ability to work within project timelines
• Deliver outcomes with a little supervision, must be a self-starter and self-motivator
• Proactive approach and enthusiasm for problem identification and solving
• Ability to think strategically and suggest creative solutions
• Ability to synthesize complex requirements into simple business practices
• Flexible and able to adapt to changing priorities