Analyst 5, Identity and Access Management IT Security Global Operations

Company Description

Sandisk understands how people and businesses consume data and we relentlessly innovate to deliver solutions that enable today’s needs and tomorrow’s next big ideas. With a rich history of groundbreaking innovations in Flash and advanced memory technologies, our solutions have become the beating heart of the digital world we’re living in and that we have the power to shape.

Sandisk meets people and businesses at the intersection of their aspirations and the moment, enabling them to keep moving and pushing possibility forward. We do this through the balance of our powerhouse manufacturing capabilities and our industry-leading portfolio of products that are recognized globally for innovation, performance and quality.

Sandisk has two facilities recognized by the World Economic Forum as part of the Global Lighthouse Network for advanced 4IR innovations. These facilities were also recognized as Sustainability Lighthouses for breakthroughs in efficient operations. With our global reach, we ensure the global supply chain has access to the Flash memory it needs to keep our world moving forward.

Job Description

ESSENTIAL DUTIES AND RESPONSIBILITIES:

• Lead Active Directory (AD) Services: Oversee and manage Active Directory infrastructure, including forests, domains, and trusts, ensuring availability, security, and performance.
• Architect and Design Solutions: Design and implement solutions for Active Directory, Azure Active Directory, and hybrid identity environments, ensuring seamless integration with IAM and security policies.
• Manage and Support Identity Lifecycle: Oversee identity lifecycle management, including provisioning, de-provisioning, and governance of accounts, access controls, and roles.
• Secure Access and Authentication: Implement and manage secure authentication mechanisms such as multi-factor authentication (MFA), conditional access policies, and single sign-on (SSO) configurations.
• Lead Incident Response: Act as the technical escalation point for resolving identity-related incidents, focusing on troubleshooting and root cause analysis for AD-related issues.
• Collaborate Across Teams: Work closely with IT, Security, Compliance, and business stakeholders to ensure AD aligns with regulatory requirements and supports business objectives.
• Manage System Upgrades and Patches: Plan and implement upgrades, patches, and changes to AD and IAM systems to ensure system security and minimize downtime.
• Document and Optimize Processes: Develop, maintain, and update operational and technical documentation, ensuring best practices in AD and IAM processes.
• IAM Roadmap: Assist in defining and implementing a strategic roadmap for IAM technologies, especially around directory services and access management.
• Compliance and Audit Support: Ensure AD and identity systems are compliant with regulatory standards (e.g., SOX, NIST), and provide audit support where necessary.
• Mentorship and Training: Provide technical guidance, mentoring, and training to junior team members, fostering a culture of knowledge sharing and continuous improvement.
• Self-motivated, enthusiastic, detail oriented, multi-tasking, status reporting, collaborate in a team environment across multiple time zones.

Professional Attributes

• Leadership: Demonstrated ability to lead cross-functional teams and manage technical resources, driving projects and solutions to successful completion.
• Problem-Solving: Strong analytical and troubleshooting skills with a proactive approach to identifying and resolving issues within complex identity and directory environments.
• Attention to Detail: High level of accuracy and attention to detail in managing, documenting, and implementing identity solutions.
• Effective Communication: Excellent written and verbal communication skills to collaborate effectively with technical and non-technical stakeholders across the organization.
• Strategic Thinking: Ability to align IAM strategies with organizational goals and long-term vision, focusing on scalability and security.
• Adaptability: Capacity to adapt to rapidly changing technologies, priorities, and organizational requirements, while maintaining focus on key objectives.
• Customer-Focused: Strong commitment to delivering excellent customer service by understanding internal stakeholder needs and aligning IAM services accordingly.

Qualifications

REQUIRED:

• BA or BS in Information Technology, Computer Science, Information Security, or a related field. Equivalent hands-on IT experience can be considered in lieu of a degree.
• Relevant certifications such as Microsoft Certified: Identity and Access Administrator, Azure Administrator Associate, or Certified Information Systems Security Professional (CISSP) are highly desirable.
• 8+ years of experience in IT or Information Security, with a strong focus on directory services and identity and access management.
• 6+ years of direct experience with Active Directory, Azure AD (Entra ID), and Identity Lifecycle Management.
• Proven experience in designing, implementing, and managing large-scale identity solutions and Active Directory environments.

SKILLS:

• Scripting and Programming Languages:
  • PowerShell: Advanced proficiency for automating identity tasks, querying Active Directory, bulk management of users, and building custom reports.
  • Python (optional): Familiarity with Python for scripting and integration of identity services in cloud or hybrid environments.
  • Batch Scripting: Knowledge of using batch scripts to automate repetitive tasks for Active Directory management.
  • JavaScript (optional): For customization of identity portals or workflows in IAM platforms.
• IAM and Directory Tools:
  • Azure AD Connect: Deep experience with configuring and managing synchronization between on-premises AD and Azure AD.
  • Active Directory Administrative Center: Proficient in using ADAC for user management, password resets, and managing groups, OUs, and policies.
  • Saviynt (or SailPoint): Experience with leading IAM platforms for identity governance, role-based access, and certification campaigns.
  • Microsoft Identity Manager (MIM): Familiarity with identity synchronization, certificate management, and group management.
  • SSO Tools: Experience with SSO platforms like Okta, Ping Identity, or Microsoft’s native SSO for seamless access to cloud and on-prem services.
  • Multi-Factor Authentication (MFA) Tools: Hands-on experience with MFA solutions like Azure MFA, Duo Security, or RSA SecurID.
• Monitoring and Logging:
  • Event Viewer and Security Logs: Proficiency in using Windows Event Viewer for monitoring and diagnosing Active Directory events.
  • SIEM Tools: Familiarity with Security Information and Event Management (SIEM) platforms like Splunk, Microsoft Sentinel, or QRadar to monitor IAM events.
  • Audit and Compliance Tools: Experience with tools like Quest Change Auditor or Netwrix Auditor to track changes and ensure compliance.
• Cloud and DevOps Tools:
  • Azure DevOps: Experience with pipelines for managing deployment and configuration of IAM solutions in cloud environments.
  • Terraform/Ansible: Familiarity with Infrastructure as Code (IaC) tools like Terraform or Ansible for automating IAM provisioning and configuration.
• Version Control:
  • GitHub/GitLab: Experience with version control systems for managing scripts, configuration files, and other automation resources.
• Language Experience

  • English proficiency in both speaking and writing.

• Logistics

  • Primary work in a general and/or home office environment.
  • Willing to be 24 x 7 on call.
  • Willing to perform work functions cross time zones to support US coverage needs.

Additional Information

Sandisk thrives on the power and potential of diversity. As a global company, we believe the most effective way to embrace the diversity of our customers and communities is to mirror it from within. We believe the fusion of various perspectives results in the best outcomes for our employees, our company, our customers, and the world around us. We are committed to an inclusive environment where every individual can thrive through a sense of belonging, respect and contribution.

Sandisk is committed to offering opportunities to applicants with disabilities and ensuring all candidates can successfully navigate our careers website and our hiring process. Please contact us at jobs.accommodations@wdc.com to advise us of your accommodation request. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.

NOTICE TO CANDIDATES: Sandisk has received reports of scams where a payment is requested on Sandisk’s behalf as a condition for receiving an offer of employment. Please be aware that Sandisk and its subsidiaries will never request payment as a condition for applying for a position or receiving an offer of employment. Should you encounter any such requests, please report it immediately to compliance@wdc.com.