Sr. Identity Access Management Engineer - INF001536
UScellular's Identity and Access Management team responsibilities include account provisioning, role provisioning, role management and identity federation. This includes implementing identity strategies for a variety of different identity types, including Customer, Employee Agent, Service Accounts, and Privileged Identity Management.
This role will focus on building and implementing the Identity and Access Management Security Strategies at UScellular. This includes analysis, design and implementation of Identity and access management (IAM), roles-based access control (RBAC) strategies, on boarding new applications within standards, strengthening user access approval processes, simplifying user access provisioning processes and streamlining user access certification processes. This position is key to enabling a Single Sign On (SSO) experience for authentication and authorization to enterprise systems.
This position also has shared responsibility for production support of IAM Infrastructure including operations, development and system administration. This involves services on the servers and understanding of the overall infrastructure to include the hardware and design, data centers, networks, ports, load balancers, and how all the components interact. Analyze all aspects of the existing infrastructure and recommend modifications that will enhance system reliability, availability, serviceability and scalability. Follow and enforce high-availability and resiliency standards on existing infrastructure. The Sr IAM Engineer will organize and coordinate routine changes, review work plans of team members, advise and participate in change execution and also verification. Assist in defining standards, guidelines, best practices, metrics and continuous validation of best practices. Planning and executing high-availability tests
Provides technical assistance to junior staff in the design and implementation of the IAM technologies including capacity analysis and tuning to meet performance objectives. Strong troubleshooting skills to solve, problems related to infrastructure. Expected to learn and deploy new Identity related products as needed.Location Note:
This role can be performed out of any UScellular business location within our operating footprint.Essential Functions
- Supports the delivery of provisioning process improvement in Role Based Access Controls.
- Enable Single Sign On integrations in multiple integration frameworks, examples include SAML, OAUTH, Open ID
- Troubleshoot application authentication issues for SSO infrastructure, LDAP and additional connected and related system issues.
- Collaborate with project teams and architecture to deliver on key initiatives.
- Participates in on-call responsibilities for critical highly available applications
- Conducts change control and device configuration management activities on all IAM technologies, including inspection or reviews of peer's changes, as well as implementation of changes and support of changes related to the IAM Platform.
- Align new and existing applications and systems to UScellular's IAM/RBAC framework
- Collaborate with the team and architecture on new platforms, IAM roadmap; assess security risks, and identity long-term strategy recommendations.
- Establish solid working relationships with compliancy teams, internal auditors and external auditors
- Establish long-term working relationships with technical resources and business partners
- Proactively identifies gaps, plans, implements, updates, maintains, monitors, and supports enterprise IAM Tools.
- Actively protects the availability, confidentiality, and integrity of customer, employee, and business identity.
- Contribute to the Risk Assessment Program including identifying and scoring risk.
- Contributes to Enterprise IS security team effectiveness by accomplishing additional IAM related results as needed
- Supports the execution of projects and initiatives
- Participates in operations and tactical planning
Preferred Technical Skills
- Bachelor's degree in related technical / business areas or equivalent work experience
- Minimum 7 years' experience implementing and improving user account provisioning, role provisioning and user access certification processes
- Minimum 5 years' experience with IAM\ BAC related projects with identity and access management products
- Strong infrastructure design and documentation skills
- Strong experience in analyzing logs and identifying problems with authentication and authorization.
- Solid understanding of related identity management products, including certificate management, PIM, Multi-factor authentication strategies etc.
- Proven change management skills; proven change agent who consistently delivers results
- Highly flexible and able to adapt to change
- Strong verbal and written communication skills
- Strong organizational and interpersonal skills
- Strong team player with proven collaboration skills
- Strong critical thinking and problem-solving skills
Relevant Technical Skills
- Experience with PingFederate enterprise federation server for user authentication and Single Sign-on
- Experience with Okta - enterprise-grade, identity management service
Strong knowledge of most items listed:
- Solid understanding of UNIX / Linux operating systems; Solid Understanding of the common UNIX and Windows utilities, diagnostic and monitoring tools; Solid Understanding of Certificate management; Familiarity with PIM Tools, such as CyberArk, Thycotic; Familiarity with multi-factor; Scripting experience with Perl, Shell and/or Java highly preferred; Solid understanding of network protocols, LAN, WAN, SSL, Firewall, Load Balancer, and DMZ configurations.
- Experience with federation services, including SAML, Reverse Proxy, OAUTH
- Experience with configuring Single-Sign-On authentication schemes across a variety of access management and federation solutions such as Micro-Focus (NetIQ) Access Manger, Ping, SiteMinder, SailPoint etc.
- Experience with Identity Management Infrastructure, LDAP and connected systems, including Micro-Focus (NetIQ) IDM and eDirectory.
: Information Technology Location(s)
: Illinois-CHICAGO_IL Wisconsin-MADISON_WI, Oklahoma-TULSA_OK, Iowa-MARION_IA, Tennessee-KNOXVILLE_TN, Iowa-URBANDALE_IA, Illinois-SCHAUMBURG_IL, Missouri-COLUMBIA_MO, Wisconsin-WAUKESHA_WI, North Carolina-GREENVILLE_NC, Virginia-ROANOKE_VA, North Carolina-WILMINGTON_NC, Oregon-MEDFORD_OR, New Hampshire-BEDFORD_NH, Maine-SOUTH PORTLAND_ME
U.S. Cellular® is an EEO employer and gives consideration to qualified applicants without regard to race/color/age/religion/sex/sexual orientation/gender identity/national origin/disability/veteran status, pregnancy or genetic information.