Identity and Access Engineer

The Identity Engineer is a highly organized, security-minded problem solver dedicated to protecting the company’s information system assets and data. This role involves performing threat intelligence analysis, correlating actionable security events, and collaborating with various internal teams to design, build and maintain security systems. The Identity Engineer will optimize and analyze security postures across the company's technology landscape, enhancing security and operations. 

This position is critical for defending against compromises to our information and computer networks. The Identity Engineer will understand the company’s IT security environment and implement measures to keep our business and platforms secure. 

Responsibilities:

• Design & Development: Develop, implement, and maintain IAM solutions including identity governance, privileged access management (PAM), and authentication frameworks. Collaborate with architecture and development teams to integrate IAM solutions into applications and systems.
• Identity Lifecycle Management: Automate identity provisioning, deprovisioning, and role-based access control (RBAC). Manage identity lifecycles across Active Directory, SSO, and cloud platforms.
• Authentication & Authorization: Manage multi-factor authentication (MFA) solutions, single sign-on (SSO) platforms, and identity federation technologies. Develop access control policies aligned with least privilege principles and business requirements.
• Privileged Access Management (PAM): Implement and manage PAM solutions, ensuring secure access to critical systems and data. Monitor and audit privileged accounts to detect potential misuse.

Qualifications:

• A bachelor’s degree in Computer Science, Management Information Systems, Cyber Security, and/or five (5) years of equivalent experience  
• One or more information security certifications desired: Identity and Access Administrator Associate, Azure Security Engineer Associate, Azure Solutions Architect Expert, Azure Administrator Associate.
• Experience in Identity and Access Management (IAM) with a strong focus on Microsoft Azure.
• Extensive experience with Microsoft Azure IAM services, including Azure AD, Conditional Access, and Privileged Identity Management 
• Deep understanding of IAM principles and practices
• Proven track record of implementing and managing IAM solutions within the Azure ecosystem. 
• Strong skills in scripting languages (e.g., PowerShell, Python) to automate IAM tasks. 
• Understanding of security frameworks (NIST, ISO 27001) and regulatory standards like SOX, HIPAA, and GDPR. Knowledge of RBAC, least privilege principles, and identity governance best practices.
• Strong analytical and problem-solving skills to diagnose and resolve IAM-related issues efficiently.
• Ability to assess security risks and design mitigation strategies.
• Excellent verbal and written communication skills to convey technical concepts to non-technical stakeholders.
• Ability to work collaboratively with cross-functional teams, including IT, security, and business units. 
• Experience managing IAM projects from planning to deployment.
• Ability to balance multiple tasks and deadlines in a dynamic environment.

Werner Enterprises provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, genetic information or veteran status or other status protected by law. We encourage applicants of all ages as we do not discriminate on the basis of an applicant's age.

By clicking “Submit” you are expressly consenting to our  Privacy Policy (available at https://www.werner.com/privacy-policy/) and to Werner Enterprises, Inc., its representatives, and affiliates (“Werner”) contacting you about your inquiry, and that Werner may collect sensitive information about you to consider your employment as explained further in our Privacy Policy.  All information collected will be handled and retained as explained in the Privacy Policy.