This position is a backfill and will be responsible in maintaining, developing and updating automation tools and scripts (both customized and off-the shelf) that are primarily written in PowerShell, VB-Net, and SQL, that manage applicant access for 170,000+ individual users
Desired candidate would be that of a person who has worked for a mid-size company that has worked with in-house custom scripts that is looking to grow and take on additional responsibilities.
IDENTITY & ACCESS MANAGEMENT ENGINEER
The responsibilities of the Identity & Access Management Engineer will be to develop and support complex Identity and Access Management (IAM) systems and architecture initiatives by designing, coding, debugging, documenting and maintaining complex programs and system and network activities. They serve as the technical advisor for IAM projects and play an integral role in the delivery of new and improved IAM systems that are reliable and secure. They will ensure ongoing maintenance is scheduled and completed on time, ongoing application onboarding is documented and implemented, and operational support is maintained. The IAM Engineer will ensure that any and all Identity and Access Management services are secure, available, efficient, and meet defined corporate service levels and compliance requirements.
ROLES AND RESPONSIBILITIES:
-Assists with the management of current in-house developed user provisioning system and plays a key role in the design, implementation and deployment of any new or enhanced Identity and Access Management System (IAMS).
-Develops scripts, user interfaces, and data integrations with enterprise systems. Ensures the integrity and security of user identity information by following coding best practices.
-Coordinates the secure transfer and synchronization of institutional data between administrative applications and intranet and Cloud/SaaS applications for electronic authentication and authorization purposes.
-Performs requirements analysis and technical planning in the design and implementation of secure applications in a multi-platform client/server environment.
-Acts as technical liaison for identity-related application development that involves other IT units or administrative and academic departments.
-Maintains authentication and authorization databases for various intranet applications such as the provisioning system, online learning management system, ERP systems, cloud-based applications, and campus portal.
-Evaluates emerging identity management, authorization, and data integration standards such as OAuth2 and SAML.
-Knowledge and experience deploying Windows operating system security features, authentication, and access controls
-Assists with the management of directory services including LDAP schema and tree design.
-Manage and develop the existing Active Directory, AD-LDS, DNS, DHCP, RADIUS, Process Automation and Orchestration, and Virtual Directory Services infrastructure and integrations
-Develop and update automation tools and scripts, primarily written in PowerShell, VB.net, and SQL
-Resolve complex technical issues in a Tier 3 capacity
-Develop and execute project plans in coordination with the project management team and peers, including self-managed projects.
-Participate in a 24x7 on-call engineer rotation supporting our core services
-Find opportunities to innovate, extend and enhance service delivery everywhere possible
REQUIRED TECHNICAL SKILLS:
-5 years of experience with IDM Engineering and building Access Management Platforms and Solutions
-Experience with world class IDM/IAM suites (CA Siteminder, IBM Tivoli Identity Manager, Oracle Identity Manager, Quest One Identity, SailPoint, etc.)
-Experience with Multifactor Authentication and Federation –CA Advanced Authentication (Strong/Risk Authentication), AD Federation Services, RSA SecurID.
-Experience with Privileged Identity and Access Management – CyberArk Privileged Identity Manager, CA Privileged Access Management, or Beyond Trust PowerBroker Privileged Access Management
-Experience in automation using PowerShell.
-Experience working in an enterprise environment with Incident Management, Change Management, and SOX controls
-Foundational knowledge of Identity Management technologies such as SailPoint, PingID, Okta, Microsoft MIM, SSO, Federation, ADFS, SAML, OAuth, OpenID
-Strong understanding of role-based access, least privilege and segregation of duties access control concepts,
-Programming experience: C, C++, Java, Java Script, JSON, Scripting, VB.net, SQL
-Bachelor’s degree in Computer Science, Electrical Engineering, Information Technology, or a relevant field preferred
OTHER KEY QUALIFICATIONS:
-Strong interpersonal and consultative skills
-Ability to effectively prioritize and execute tasks in a high-pressure environment
-Excellent written & verbal communication skills
-Excellent technical documentation skills
-Experience working in a team-oriented, collaborative environment
-Strong work ethic
-Demonstrated initiative and ownership
-Demonstrated ability to effectively interact professionally with a diverse group of people at all levels of the organization
PREFERRED SKILLS AND EXPERIENCE:
-Information security management qualifications such as Certified Information Systems Security Professional (CISSP) or Certified Information Systems Auditor (CISA)/ Certified Information Security Manager (CISM) are preferred
-Certified to deploy/maintain one or more IAM/IDM suites