Identity and Access Management Engineer

Summary/Function:

Qualifications:

• Bachelor’s degree in Information/Cyber Security, Computer Science, Information Systems, or equivalent combination of relevant professional experience and education including certifications (CISSP, CIAM, CIMP, Security+, or from ISACA, IAPP, Microsoft, etc.)
• Must possess 5+ years of experience designing, implementing, and administering IAM systems and workflows.
• Extensive hands-on knowledge of IAM best practices, procedures, and solutions including Identity Governance and Administration (IGA), PIM, PAM, and identity security platforms such as Microsoft Active Directory / Entra ID, SailPoint Identity Security Cloud, Microsoft PIM, Delinea Secret Server Cloud, and Silverfort.
• Extensive knowledge and experience with IAM protocols such as SAML, OAuth, LDAP, Kerberos, OpenID, TACACS, SCIM, etc.
• Thorough understanding and experience implementing and recommending varying access control models (MAC, RBAC, DAC, RB-RBAC, ABAC, etc.) based on ideal use to conform to least-privilege and segregation of duties.
• Experience in an enterprise Microsoft environment with proficiency in writing and understanding scripting and programming languages.
• Experience working and collaborating effectively with business professionals, technical subject matter experts, and internal/external partners in information gathering and project execution.
• Experience with the monitoring and evaluation of technology processes and controls including design and operating effectiveness, testing, reporting on results, and recommending enhancements.
• Strong project management and organizational skills with demonstrated ability to complete assignments timely and effectively.
• Individual must be able to perform with minimal supervision of routine duties; demonstrate ability to solve problems and deal with a variety of variables and situations where only limited standardization may exist; interpret instructions furnished in written, oral, diagram, or schedule formats; and be able to handle multiple tasks simultaneously.
• Commitment to maintain client confidentiality and data security.
• Communicate in a clear and service-oriented manner; use appropriate, professional language and grammar to effectively exchange ideas and information.

Duties:

• Provide expert knowledge and act as a subject matter expert on key principles of IAM in the areas of authentication and authorization systems, identity lifecycle management, access control models, and identity governance.
• Lead the architectural design, development, implementation, and administration of IAM and PIM/PAM solutions in a complex environment with a blend of legacy on-premises and cloud-hosted systems.
• Evaluate, recommend, and implement IAM and PIM/PAM solutions to continually improve identity workflows for efficiency and security against evolving threats while ensuring only authorized individuals have access to sensitive information systems and data.
• Help develop IAM and PIM/PAM policies, standards, technical documentation, and operational procedures for support.
• Drive standards and support implementations with integrations to and from third parties.
• Identify and help implement solutions that provide optimal and secure single-sign-on (SSO) experiences to employees, contractors, and customers.
• Support infrastructure, hardware, software, system performance, and technology integrations for IAM and PIM/PAM solutions.
• Troubleshoot, identify, and resolve technical IAM related issues.
• Stay updated on current and evolving identity threats, solutions, and identify areas for improving the Firm’s identity security posture.
• Conduct regular audits of accounts and access permissions to detect and prevent security issues.
• Collaborate with other IT teams to enforce and improve identity and access practices across the Firm.
• Help oversee the creation and maturation of policies, standards, and procedures related to IAM and PIM/PAM.
• Help ensure information security teams receive appropriate and timely IAM/PAM logs to swiftly respond to potential threats and access misuse.
• Design continuous controls monitoring program utilizing identity solutions, dashboards, analytics, automation, and other supporting tools.
• Prepare ongoing reports with specified metrics/ key performance indicators related to IAM and PIM/PAM activities.
• Maintain program alignment to internal/external compliance requirements and identified gaps.

What we offer:

• Medical, Dental and Vision
• Company 401(k)and ESOP contribution
• Generous sick, vacation, and maternity/parental leave
• Paid holidays
• Professional Development Opportunities
• Tuition Reimbursement ($15,000 lifetime cap)
• Discounted personal insurance including home, auto and recreational vehicles
• Charitable gift-matching program
• Davidson Day of Giving – Our tradition of positively impacting communities in which we live and work.