Jobs · Information Technology · Georgia

Identity and Security Engineer

Greenberg Traurig, LLP · Atlanta, GA · 2 wk ago
HybridInformation TechnologyFull-time

Position Summary

The Identity & Security Engineer is responsible for the engineering, architecture, security and monitoring of the firm’s core identity services and hybrid integrations, primarily within Microsoft cloud ecosystems, with a growing presence in AWS and GCP. The engineer designs and implements enterprise identity and access management solutions, leads the design of secure authentication and authorization frameworks, drives automation and engineering best practices, performs root cause analysis on complex identity-based incidents, and ensures secure access to applications and resources at scale.

Key Responsibilities

  • Designs, implements, optimizes, and maintains enterprise identity platforms (e.g. Active Directory Domain Services, Entra ID, SSO, MFA), including architecture, capacity planning, and lifecycle management

  • Architects, implements, and improves secure identity frameworks across on-premise and cloud environments, including role-based access control (RBAC), least privilege access models, just-in-time (JIT) access models, conditional access policies, and access lifecycles to reduce over-privilege

  • Defines and improves identity role design to reduce over-privilege

  • Establishes governance for non-human identities (service accounts, automation identities, app registrations) and implements guardrails that prevent unmanaged credentials and high-risk identities

  • Buils integrations between identity platforms and business systems and applications

  • Collaborates with technology teams, including security, compliance, application, DevOps, and infrastructure to implement and ensure secure identity practices across on-premises and cloud environments

  • Leads PKI design standards, hardening, modernization efforts and certificate-based authentication risk reduction

  • Builds detection logic, monitoring, and auditing capabilities to identify and evaluate anomalous user and identity behavior

  • Leads detection engineering and incident response for identity and access threats using ITDR, EDR, and SIEM tools, and develops playbooks for containment and remediation

  • Pairs with Information Security on identity threat detection and response

  • Provides Tier 3 escalation support and guidance, and leads root cause analysis for complex identity issues impacting privileged access and authentication across on-prem and cloud environments

  • Implements and maintains security configurations to protect against unauthorized access and other security threats against the firm’s on-prem infrastructure and cloud-based platforms

  • Develops, maintains, and reviews automation frameworks, scripts, and infrastructure-as-code to drive process improvement and reduce manual administrative and routine tasks

  • Partners with information security and compliance teams to design controls and engineer evidence collection that demonstrate compliance with industry standards

  • Leads project delivery and execution of tasks related to areas of identity responsibility, including requirements, design, implementation, testing, rollout, and operational transition

  • Evaluates and recommends emerging technologies, trends, and best practices in identity and access management, identity protection and governance

  • Authors design documentation, runbooks, and standards, and enforces identity governance procedures across the team

Qualifications

  • Deep expertise in AD DS, Entra ID, ADCS, and Single Sign-On

  • Expert knowledge of identity and access management and role-based access controls

  • Expertise designing and engineering federation and multifactor authentication solutions

  • Expertise in authentication and authorization protocols and flows (Kerberos, SAML, OAuth 2.0, and OIDC, SAML, LDAP)

  • Good working knowledge of public key infrastructure (PKI) and certificate lifecycle management

  • In-depth knowledge of Microsoft Windows operating systems

  • Strong understanding of Zero Trust security principles

  • Advanced automation and scripting skills (PowerShell, Microsoft Graph API, Python, Terraform, or similar)

  • Fundamental understanding of AI model infrastructure and AI agent security

  • Strong analytical, critical thinking, and problem-solving skills

  • Ability to troubleshoot and resolve complex system, application, security, and performance issues

  • Strong communication, interpersonal, and cross-functional collaboration skills

  • Ability to articulate issues, risks, and proposed solutions to various levels of technology staff, management, and non-technical audiences

  • Strong attention to detail and accuracy

  • Ability to document and maintain security and monitoring policies, procedures, and configurations

  • Ability to multitask efficiently yet prioritize and organize competing work demands

  • Demonstrated integrity and commitment to strict ethical standards in all professional dealings

  • Proven record of reliability and dependability

  • Proven ability to work independently and collaboratively in a fast-paced, and security-conscious environment

  • Proven ability to work flexible hours and be on-call

Similar jobs