Job Description :
Job Purpose
The Identity and Access Management Security Engineer will be a member of a growing global Information Security team and will specialize in Identity and Access management focusing on solution design and implementation. This position will lead projects to provide expert identity solutions that have an impact on people, processes and enables business. The Engineer will be responsible for protecting the data processed on company systems by ensuring that the appropriate people have access to the right systems at the right time. Mentors Security Engineers, Business Analysts, and global support teams to bolster their understanding of security issues, identity management expertise and gaps and provides oversight of their efforts to secure the identity domain.
Essential Job Duties & Responsibilities
Works with clients to develop Lifecycle Identity and Access Management strategies, architectures, and implementation plans across a global business footprint.
Interacts with customers, team members and on-shore consultants to solve implementation issues.
Conducts API design and development for Automation Frameworks.
Configures and implements IAM products.
Installs, integrates and deploys the SailPoint Identity IQ product.
Experience in Identity & Access Management professional proficient in one or more technologies (SailPoint, CyberArk, Microsoft Azure Security, Duo)
Experience in understanding and implementing against technical IAM architecture designs across six major capability areas:
Identity Lifecycle Management
Identity Data Models
Access Lifecycle Management
Runtime Enforcement
Credential Management
Identity Federation
Maintains strong working relationships with peer groups and business clients.
Defines responses to audit findings and helps provide an understanding of security frameworks within the organization.
Pro-actively identifies potential security issues and leads security staff towards resolution.
Conducts forensic investigations and resolves security problems as needed.
Develops policies and procedures to govern access and prevent unauthorized access.
Leads team projects to help ensure company data, assets and resources are as secure as required.
SailPoint Identity IQ development to convert Java codebase to SailPoint beanshell to provide easier maintenance.
Manages and maintains SailPoint Identity Now Cloud integration for regional and global affiliates.
Other duties
Provide after hours on call assistance as needed.
Knowledge, Skills & Abilities
Strong working knowledge with Cloud Environment (AWS, Azure, GCP
Strong working knowledge with Single Sign-On capabilities (OAuth 2.0, OpenID, SAML 2.0, AD FS) integration and session management for multiple web and cloud applications.
Knowledge in Identity Federation (SAML) configuration and integration across multiple trusted third parties, applications, and systems.
Knowledge in the following programming languages: Java and JavaScript, PowerShell, Python.
Knowledge in the following web technologies: XML, Web and Application Servers, HTML, RESTful APIs.
Knowledge in DevOps, CI/CD pipelines, and application containerization (i.e. Docker
Knowledge in QA duties (usability testing, performance testing, automated testing, test scripts, test cases and test plans
Prior consulting experience is highly desirable.
Ability to take charge and a positive attitude.
Proven ability to work and contribute in a Globally diverse team-oriented environment with little oversight.
Ability to perform under pressure.
Demonstrated multitasking skills in a fast-paced, unstructured environment.
Strong communication (written and verbal) and interpersonal skills.
Excellent customer-facing skills.
Strong written and verbal communication skills.
Education And Experience Required
Bachelor’s degree or equivalent experience and/or education.
10 + years Information Technology experience.
Minimum 7 years Information Security specific experience.
Minimum of 4 years of experience working on identity and access management implementations Implementation/Configuration and deployment.
Security Certification (CISSP, CISM, CCSP) preferred.
Familiarity with Security Testing (SAST, DAST, VNA, TPSA) preferred.
Familiarity with identity management provisioning systems (Okta, Ping, SailPoint, Sun, Oracle, IBM, Novell, ForgeRock) preferred.