Senior Identity & Access Management Engineer

Job Description:

General Function / Summary:  

The Senior Identity & Access Management Engineer is responsible for Identity and Access Management (IAM) solutions including lifecycle of accounts, federation, single sign-on and multi-factor authentication, network access control, privileged account management, provisioning and deprovisioning of active directory accounts, user access reviews, certificate and key management & encryption standards.  

Essential Duties: 

• Plan and implement security measures to protect the company’s computer systems, networks, and data. 
• Manage & onboard MFA and SSO solutions to prevent loss of sensitive data through identity theft. 
• Manage privileged account management and role-based access control solutions for various platforms including Windows, Linux, and serverless solutions in multiple environments including in-house, hybrid cloud, and X-as-a-Service resources.  
• Strong knowledge managing Azure Entra ID
• Strong knowledge managing Microsoft NPS for policies and Radius configurations.
• Perform audits of accounts to ensure they meet compliance standards of least privileged access. 
• Integrate application authentication through SSO.  
• Participate and assist with Managed Detection and Response (MDR) team members for incident response to protect corporate IT assets, including intellectual property, regulated data, and the company’s reputation. 
• Configure, troubleshoot, and maintain PAM and RBAC solutions. 
• Monitor systems for irregular behavior and set up preventive measures. 
• Remediate access risks if detected from penetration tests. 
• Recommend and coordinate the implementation of technical controls to support and enforce defined security policies. 
• Creating user group/user access metrics.
• Strong experience using scripting languages like PowerShell, Python, Ruby or JavaScript with the ability to demonstrate knowledge.
• Analyze information security hardware and software to ensure maximum performance and provide technical expertise for the administration of security tools. 
• Develop and maintain security processes and procedures. 
• Perform monthly, quarterly, yearly user access reviews.
• Manage the AIM governance process and provide improvements.

Minimum Education and Experience Required: 

• Bachelor’s degree or equivalent experience 
• 4+ years of experience administering cyber security solutions 
• 3+ years of experience managing Active Directory
• 3+ years’ experience working performing Identity Access Management duties.
• 2+ years of experience using scripting languages like PowerShell, Python, Ruby or JavaScript.
• Strong knowledge of managing Microsoft NPS Policies or equivalent solutions.
• Strong knowledge with managing both internal PKI and external TLS certificates.
• Strong knowledge managing certificate using Venafi Trust Protection Platform.
• Understanding of FFIEC and NIST frameworks methodologies.
• Experience configuring, operating, and maintaining security systems.
• Strong knowledge of authentication solutions for SSO and MFA. 
• Familiar with networking technologies, network security, and network monitoring solutions. 
• Strong knowledge and experience with PAM and RBAC systems. 
• Knowledge of security protocols and principles. 
• Ability to handle multiple projects and tasks simultaneously and collaborate with all areas of the organization. 
• Excellent written and verbal communication skills. 
• Proficient in Microsoft Office programs. 
• Ability and willingness to consistently live and embrace our core values of Accountable, Inclusive, Transparent, and Focused