Security Engineer III
General Purpose
The Identity and Access Management (IAM) Engineer is responsible for envisioning and taking steps to implement IAM solutions and enhancements. Leads initiatives on IAM services and capabilities from concept through delivery, defining and following discreet procedures and protocols to ensure integrity and compliance. The IAM Engineer leads the product area strategy, roadmap, design and vendor/product due-diligence functions. Serves as a liaison to the other Information Security and IT functional groups, influencing outcomes as appropriate. Operates as the IAM Subject Matter Expert (SME), and provides 3rd level production support.
Essential Functions
- Research, evaluate, develop and implement IAM designs and standards following industry best practices.
- Ensure that current and planned technical solutions are compatible with the company's business needs and strategic objectives.
- Work with the other IT organizations to design, develop, and implement IAM solutions and enhancements in support of development, test, and production environments.
- Ensure that solutions built will ensure stability of the production environment.
- Provide technical expertise and assistance to other IT and Business groups.
- Provide technical assistance to IAM L2 Operations team as required.
- Provides technical assistance to junior staff in the design and implementation of IAM technologies.
- Provide guidance to IAM Delivery team in accordance to strategic objectives.
- Work with IAM vendors for license requirements, issues, changes and enhancements.
- Provide input on IAM roadmap and long-term strategies
- Provide input on architectural decisions.
Qualifications and Special Skills Required
- At least 10 years' experience supporting IT systems, processes or capabilities.
- Six years of Identity and Access Management area experience.
- In-depth knowledge of general information security.
- In-depth knowledge of general cloud security.
- In-depth knowledge of at least 3 of the following services:
- Access Management (Okta-preferred, SAML, Reverse Proxy, OAUTH)
- Privileged Access Management (CyberArk-preferred)
- Identity Governance services (Saviynt-preferred, LDAP, Unix, DB)
- Oloid Passwordless Authentication (Passwordless Authentication)
- Strong knowledge of current IAM space and have a self-driven desire to research current information on the security landscape.
- Experience in Java and other programming languages.
- Knowledge of O365 services.
- Conceptual and practical understanding of IT Infrastructure designs, technologies, products, and services.
- Bachelor's degree preferred or equivalent combination of education and relevant experience.
- Able to work independently and creatively problem solve complex technical problems.
- Able to provide leadership, guidance and training to others.
- Able to provide accurate estimates of timeframes necessary to complete efforts, develop milestones and implementation plans.
- Able to analyze and solve complex problems and to work in a group setting as well as independently.
- Strong verbal and written communication skills.
- Strong organizational and interpersonal skills.
- Strong team player with collaboration skills.
- Strong critical thinking and problem-solving skills.
Physical Requirements/ADA
Job requires ability to work in an office environment, primarily on a computer. Requires sitting, standing, walking, hearing, talking on the telephone, attending in-person meetings, typing, and working with paper/files, etc. Consistent timeliness and regular attendance. Vision requirements: Ability to see information in print and/or electronically. This role requires regular in-office presence, including to engage in in-person team interaction, meetings and collaboration, client support, mentoring, coaching, and/or feedback. However, this role can perform duties effectively using a combination of in-office and remote work.
Supervisory Responsibilities
N/A
Disclaimer
This job description is a summary of the primary duties and responsibilities of the job and position. It is not intended to be a comprehensive or all-inclusive listing of duties and responsibilities. Contents are subject to change at management's discretion.