Principal Engineer, Identity Services

Principal Engineer, Identity Services - Direct-Hire/FTE - Remote (PT)

Title: Principal Engineer, Identity Services
Location: Remote (PT)
Compensation: $200-240K Annual Salary
Work Requirements: , Holders or Authorized to Work in the U.S.

JOB DESCRIPTION
Principal Engineer, Identity Services Location: US Remote Division: Tech Ops Line Manager: Manager, Identity Services

THE TEAM: The Identity Services team is responsible for all things Identity and Access Management (IAM) within the company. The core scope of responsibility includes Active Directory, ADFS, Okta, Adaxes, bastion and jumpbox implementations, multi-factor authentication, security keys, and various other access solutions.

THE JOB: As a Principal Engineer on the Identity Services team, you will report directly to the Identity Services Manager. Your role is to lead formation of technical strategy and assist in both planning and implementing work related to IAM services supported by the team. You will be responsible for designing, implementing, and maintaining robust identity and access management (IAM) solutions that ensure the security and privacy of our digital ecosystem while applying least privilege principles. The role involves working with various stakeholders to ensure seamless provisioning, deprovisioning, authentication and authorization of user access to systems, applications, and data while maintaining the highest security standards.

The ideal candidate will have deep experience with identity and access management frameworks, hands-on experience with IAM technologies, and a strong understanding of security protocols, compliance standards, and cloud environments. You are an IAM guru and will be supporting a high-volume 24x7 production environment. You will provide technical mentorship and guidance to junior team members. You will write tools to automate routine and complex tasks and troubleshoot application and infrastructure issues. The position includes collaboration with various teams to design a scalable and supportable service-oriented architecture. This role will be expected to be a subject matter expert on many of these IAM services, and help drive efforts to improve automation, tooling, identity governance, and access technologies.

WHAT YOU WILL BE DOING
Tactical Work (20%): Implementation of planned project work, as well as support of operational tickets from internal customers. This includes hands-on coding, debugging, and deploying fixes when necessary.
Solutions Architecture (30%): Design architectures that enable seamless integration and consumption of infrastructure provisioning, deprovisioning, authentication and authorization services by tech teams. This involves creating documentation, diagrams, and proof-of-concepts.
Strategic Work (50%): Participate in planning sessions, roadmap discussions, and architecture reviews, contributing valuable insights to set the direction for future technology implementations.

This is an exciting time to come on board, as we focus on efforts towards modernization and operability, expanding capacity, and enhancing our IAM offerings in a number of ways. You will also:
Provide subject matter expertise for IAM technologies
Design robust highly scalable architecture for IAM solutions
Exercise independent judgment in methods, techniques, and evaluation criteria for obtaining results.
Provide mentorship and coaching to junior team members
Proactively identify and address stability, capacity, and performance concerns for provisioning, deprovisioning, authentication, and authorization
Implement automation & IaC solutions
Complete assigned project related work from Jira tickets following Scaled Agile Framework (SAFe) methodology
Check in code for infrastructure build, automation, & tests to version control repository (GitLab)
Support PCI / security compliance requirements (upgrades, defect management, etc)
Regularly work with Jira, GitLab, Prometheus, Grafana, Splunk
Liaise with other teams (Networking, Data Center Ops, Security, etc) as required
Respond to, recover from, and prevent future occurrences of failures & outages
Participate in on-call and potentially some after-hours support as required

WHAT YOU NEED TO KNOW (or TECHNICAL SKILLS/COMPETENCIES)
Microsoft Active Directory (and related components such as Group Policy, ADFS, LDAP, AD integrated DNS) expertise
Okta identity solution platform
Two-factor authentication best practices, and hardware key management (we use YubiKey)
Oauth authentication
Identity lifecycle management (provisioning, deprovisioning) and integration with systems
Adaxes unified Active Directory management platform
Jumpbox / bastion host access management practices
DevOps and SRE: Experience with Gitlab, CI/CD tooling, Monitoring and Alerting, and SRE practices.
Compliance and Security: Understanding of PCI Compliance and Security Best Practices.
Software Engineering: Desired experience in software development, including but not limited to coding in languages like Python, Java, or Go, understanding of software design patterns, and experience with code reviews and version control systems like Git.
Experience managing large-scale Linux (preferred) and/or Windows (bonus) infrastructure
Cloud Expertise: Solid understanding of cloud services like AWS or Google Cloud Platform
Agile Practices: Must have experience with Agile methodologies.
Experience working as a key contributor in a fully remote team

YOU (BEHAVIOURAL SKILLS/COMPETENCIES)
Extremely knowledgeable on IAM related subject matter
Capable and comfortable working on highly strategic, complex, and high-risk undertakings
Autonomous and proactive
Passionate and self-starting, focused on iterative delivery and data-driven decision-making.
Problem-Solving: Exceptional ability to analyze complex issues, synthesize problem statements, and propose valuable problems to solve.
Communication: Excellent written and verbal communication skills, capable of facilitating cross-team collaboration.
Comfortable with working in cross functional and multidisciplinary teams
Excited about taking on challenging technical problems and devising creative solutions
Deeply concerned with the security and compliance implications of your services and solution

About INSPYR Solutions

Technology is our focus and quality is our commitment. As a national expert in delivering flexible technology and talent solutions, we strategically align industry and technical expertise with our clients' business objectives and cultural needs. Our solutions are tailored to each client and include a wide variety of professional services, project, and talent solutions. By always striving for excellence and focusing on the human aspect of our business, we work seamlessly with our talent and clients to match the right solutions to the right opportunities. Learn more about us at inspyrsolutions.com.

INSPYR Solutions provides Equal Employment Opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, or genetics. In addition to federal law requirements, INSPYR Solutions complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities.