Cybersecurity Engineer - IAM
Creative Artists Agency · Nashville, TN · 1 wk ago
Information TechnologyFull-time
Responsibilities
- Provide design, evaluation, analysis, testing, debugging and implementation of identity and access management programs to support the company’s strategy
- Maintain configuration, updates, and overall administration of the identity access management platform
- Maintain standards for access management across the company and department
- Collaborate with HRIS, IT service owners, and service desk to troubleshoot and fulfill identity related workflows
- Knowledge of identity governance workflows with the concepts of attestation and auditing
- Integrate new applications into the identity access management platform through RESTful APIs, JDBC, flat file, or built-in connectors and configure aggregation, provisioning, and entitlements
- Automate identity workflows and processes for lifecycle management, auditing, reporting, governance and self-service
- Provide and maintain a RESTful identity API to downstream services
- Play an active role in CAA’s security incident response efforts, working to identify and mitigate information security threats
Requirements
- A minimum of 4 years in Information Technology, ideally with a focus on information security
- A minimum of 2 years’ experience in identity and access management or CyberSecurity
- A Bachelor’s or Master’s Degree in a relevant field of work
- Experience scripting in at least one of the following languages: PowerShell, Python, JavaScript
- Experience with the deployment and support of Zero Trust Identity architecture and infrastructure
- A strong understanding of the fundamental operations of servers, operating systems, networks, firewalls, cloud applications, and infrastructure
- Experience in automation and integration with SaaS applications
- Understanding of OAuth, SAML and OpenID frameworks
- Knowledge of different MFA and compensating controls for identity
- Knowledge of privilege identity management, privileged access management, and concepts of just in time provisioning, just enough access, and principal of least privilege
Desired Capabilities
- Set up and integrated Single Sign-On with various SaaS vendors
- Account set-up and access management
- Using and coding against REST APIs
- Knowledge and experience of SCIM provisioning and integration
- Worked closely with human resources and help desk support staff
- Understanding of the NIST framework and using a continuous improvement loop
Desired Skills
- Azure AD, Active Directory, AD Connect, Azure Automation, Power Automate, SAML, OpenID, WS-Fed, SSO, SCIM, OAuth
- Programming (java, python)
- PowerShell, RESTful APIs
- MSSQL, OGNL, GraphQL
- Workday, SailPoint, Okta, Ping Federate, PingID, Splunk, RBAC