Authentication services Sr. SME/Architect

  • Plano, TX
  • Posted 42 days ago | Updated 6 hours ago

Overview

On Site
USD 102,800.00 - 165,100.00 per year
Full Time

Skills

IaaS
IT management
Regulatory Compliance
Planning
Roadmaps
Application development
Cyber security
Strategy
Production support
Training
Knowledge transfer
Continuous integration
Continuous delivery
Insurance
Legal
Design
Shell
J2EE
Business analysis
Business analytics
FOCUS
Information security
SSO
SAML
OAuth
OIDC
Identity management
Lifecycle management
CyberArk
RSA
Directory Services
Oracle
LDAP
Authentication
Java
Node.js
React.js
Sprint
RESTful
JavaScript
Python
Ruby
Windows PowerShell
Scripting
Microsoft Azure
Amazon Web Services
Software deployment
Continuous Integration and Development
Ansible
Terraform
Splunk
Docker
Kubernetes
Linux
Microsoft Windows
Apache HTTP Server
Workflow
Network
Web servers
SSL
Middleware
Cloud computing
Agile
DevOps
CISSP
Siteminder
Communication
Collaboration
Supervision
Analytical skill
Problem solving
Decision-making
Management
Project management
Organizational skills
Law
Documentation
Policies

Job Details

Overview

The Identity Access Management (IAM) Engineer will be the senior technical SME/Architect in the IAM organization and is responsible for architecting, design, implement and support access management solutions in distributed OnPrem & Cloud infrastructure. Skilled in troubleshooting complex technical issues. Works closely with enterprise architects to ensure adequate security solutions are in place to mitigate identified risks sufficiently, while meeting business objectives and regulatory requirements. Provides technical leadership and delivers complex projects.

This role is based out of Plano, Texas and requires coming into the office.

Responsibilities

  • Provides subject matter expertise in architecting, solutioning and implementing access management requirements.
  • Provides advanced architecture and engineering expertise to automate and administrator identity and compliance requirements.
  • Drives planning and execution of identity management roadmaps and technology enhancements.
  • Creates and maintains standards surrounding documentation related to identity processes, procedure, and infrastructure.
  • Assesses current applications and architecture to ensure current implementations align with industry guidelines, best practices, and management approved standards.
  • Contribute to the development of the workforce and customer identity and access management strategy.
  • Collaborate with Enterprise Architects, application development teams, Cybersecurity staff, and the infrastructure team to define the enterprise IAM strategy.
  • Provide level 3 production support to help diagnose and troubleshoot production issues.
  • Adapt the architecture to evolving security conditions and support security guidelines.
  • Develop and deliver applicable documentation, training, and knowledge transfer to both internal and external stakeholders.
  • Champion and foster an Agile DevOps culture within the organization by promoting cross-functional collaboration, continuous integration, and continuous delivery practices.

Compensation and Benefits
  • The expected compensation range for this position is between $102,800 - $165,100 based on a full-time schedule.
  • Location, confirmed job-related skills and experience will be considered in setting actual starting salary.
  • Bonus based on performance and eligibility; target payout is 12% of annual salary paid out annually.
  • Paid time off subject to eligibility, including paid parental leave, vacation, sick, and bereavement.
  • In addition to salary, PepsiCo offers a comprehensive benefits package to support our employees and their families, subject to elections and eligibility: Medical, Dental, Vision, Disability, Health and Dependent Care Reimbursement Accounts, Employee Assistance Program (EAP), Insurance (Accident, Group Legal, Life), Defined Contribution Retirement Plan.

Qualifications

Minimum Qualifications:
  • 15+ years of overall IT experience.
  • 10+ years of hands-on experience in authentication Architecture, Solutioning and Design roles.
  • 10+years of hands-on experience with Okta and/or relevant access management tools.
  • 7+ years of scripting (power shell, Python) and development (Java, J2EE, JavaScript, React, Rest API) experience.
  • 5+ years working with Agile and DevOps tools and methodologies.
  • Minimum Okta Certified Administrator: Okta Certified Consultant and/or Okta Certified Developer preferred.
  • BS/BA degree or equivalent experience.
  • CISSP / CIAM Certification is a plus.

Preferred Qualifications:
  • Extensive experience in architecting, designing and solutioning authentication services.
  • Broader IAM domain experience with focus on information security
  • Strong expertise in designing solutions with the standard IAM platforms like Okta, PingFederate in enabling single sign-on services for both cloud and on-prem applications.
  • Hands-on experience in building SSO solutions with various protocols like SAML, OAuth, OIDC, and headers-based applications and platforms, preferably Azure AD, Ping, and SiteMinder
  • Strong hands-on experience in designing and architecting Consumer identity and access management solutions
  • Strong understanding of the latest security principles like zero trust and passwordless authentication to implement new standards in the authentication model.
  • Must have working knowledge of Okta Lifecycle Management and Administrative APIs
  • Experience with solutions like CyberArk, Beyond Trust, RSA or comparable products.
  • Excellent understanding of REST integration concepts
  • Experience in directory services like Oracle LDAP, and AD
  • Experience working with cloud-based authentication solutions (e.g., AWS Cognito, Azure AD, Okta).
  • Strong hands-on development experience - Java, Node js, React, Sprint boot, REST API and Java script.
  • Hands on experience with JavaScript, Python, Ruby, PowerShell, or other scripting languages preferred.
  • Experience building CICD pipelines in Azure or AWS
  • Experience in automating application deployment building CICD pipelines using Ansible and terraform.
  • Experience in Monitoring tools like Splunk, ELK, Prometheus, or similar tools
  • Experience with container technologies Docker, Kubernetes
  • Experience with Linux and Windows platforms, middleware, Apache, and load balancers
  • Experience developing workflows, custom connectors, and troubleshooting complex issues.
  • Strong experience in troubleshooting infra issues covering network, web servers, SSL certs, middleware, cloud components, etc.
  • Experience with Agile and DevOps tools and methodologies
  • Minimum Okta Certified Administrator: Okta Certified Consultant and/or Okta Certified Developer preferred.
  • CISSP / CIAM Certification is a plus.
  • Experience in SiteMinder is preferred.

Non-Technical skills:
  • Exceptional communication and interpersonal skills with the ability to influence and collaborate with diverse stakeholders.
  • Deliver outcomes with a little supervision, must be a self-starter and self-motivator.
  • Strong analytical, problem-solving, and decision-making skills, with the ability to manage complex and competing priorities.
  • Strong project management and organizational skills, with the ability to deliver high-quality results.
  • Ability to think strategically and suggest creative solutions.
  • Ability to synthesize complex requirements into simple business practices.
  • Flexible and able to adapt to changing priorities.

EEO Statement

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.

PepsiCo is an Equal Opportunity Employer: Female / Minority / Disability / Protected Veteran / Sexual Orientation / Gender Identity

If you'd like more information about your EEO rights as an applicant under the law, please download the available EEO is the Law & EEO is the Law Supplement documents. View PepsiCo EEO Policy .

Please view our Pay Transparency Statement
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.