Summary
This is a hands-on security position working within the Information Security group and with the internal IT department at large. We are looking for candidates who have a passion for cyber security, identity management, and threat response. You will provide domain expertise to design and develop the capabilities of the identity and access management platform and the automation of application deployment pipelines to the platform.
The Role
In this role, you will be an essential partner and technical specialist for identity and access platform development and provide thought leadership on overall security and authentication across various workflows. You will be a key part of our efforts to enable the business needs in a highly collaborative organization. The environment is fast-paced and commonly on the leading edge of technology, including early adoption of various cloud services along with the challenges of integrating those services into our security practice.
Responsibilities
Provide design, evaluation, analysis, testing, debugging and implementation of identity and access management programs to support the company’s strategy
Maintain configuration, updates, and overall administration of the identity access management platform
Have a deep understanding of user lifecycle management; including provisioning/de-provisioning, access requests, user entitlements and audit & validations
Maintain standards for access management across the company and department
Collaborate with HRIS, IT service owners, and service desk to troubleshoot and fulfill identity related workflows
Knowledge of identity governance workflows with the concepts of attestation and auditing.
Integrate new applications into the identity access management platform through RESTful APIs, JDBC, flat file, or built-in connectors and configure aggregation, provisioning, and entitlements
Automate identity workflows and processes for lifecycle management, auditing, reporting, governance and self-service
Provide and maintain a RESTful identity API to downstream services
Play an active role in CAA’s security incident response efforts, working to identify and mitigate information security threats
Required Capabilities
A minimum of 4 years in Information Technology, ideally with a focus on information security
A minimum of 2 years’ experience in identity and access management or CyberSecurity
A Bachelor’s or Master’s Degree in a relevant field of work
Experience scripting in at least one of the following languages: PowerShell, Python, JavaScript
Experience with the deployment and support of Zero Trust Identity architecture and infastructure
A strong understanding of the fundamental operations of servers, operating systems, networks, firewalls, cloud applications, and infrastructure
Experience in automation and integration with SaaS applications
Understanding of OAuth, SAML and OpenID frameworks
Experience in lifecycle management and provisioning and de-provisioning
Knowledge of different MFA and compensating controls for identity
Knowledge of privilege identity management, privileged access management, and concepts of just in time provisioning, just enough access, and principal of least privilege
Desired Capabilities
Set up and integrated Single Sign-On with various SaaS vendors
Account set-up and access management
Using and coding against REST APIs
Knowledge and experience of SCIM provisioning and integration
Worked closely with human resources and help desk support staff
Experience supporting and following identity framework or IDaaS
An understanding of the NIST framework and using a continuous improvement loop
Desired Skills
Azure AD, Active Directory, AD Connect, Azure Automation, Power Automate, SAML, OpenID, WS-Fed, SSO, SCIM, OAuth, Programming (java, python), PowerShell, RESTful APIs, MSSQL, OGNL, GraphQL, Workday, SailPoint, Okta, Ping Federate, PingID, Splunk, RBAC
Environment
CAA has a service oriented collaborative environment where we help our colleagues then focus on our own work.
Skills Required
- Minimum 4 years in Information Technology
- Minimum 2 years experience in identity and access management or cybersecurity
- Bachelor's or Master's degree in a relevant field
- Experience scripting in at least one: PowerShell, Python, JavaScript
- Experience deploying and supporting Zero Trust identity architecture and infrastructure
- Strong understanding of servers, operating systems, networks, firewalls, cloud applications, and infrastructure
- Experience in automation and integration with SaaS applications
- Understanding of OAuth, SAML, and OpenID frameworks
- Experience with lifecycle management, provisioning and de-provisioning
- Knowledge of MFA approaches and compensating controls for identity
- Knowledge of privileged identity and privileged access management concepts (JIT, least privilege)
- Participate in security incident response to identify and mitigate information security threats
- Experience setting up/integrating Single Sign-On (SSO) with SaaS vendors
- Experience coding against RESTful APIs and SCIM provisioning/integration
- Familiarity with IAM/IDaaS platforms and tools (e.g., SailPoint, Okta, PingFederate, PingID)
- Familiarity with Azure AD, Active Directory, AD Connect, Azure Automation, Power Automate, Workday, MSSQL, Splunk
- Understanding of NIST framework and continuous improvement loop
Creative Artists Agency Compensation & Benefits Highlights
The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about Creative Artists Agency and has not been reviewed or approved by Creative Artists Agency.
-
Healthcare Strength — Health coverage is considered strong and affordable, with low co-pays and solid plan options frequently highlighted. This makes core medical, dental, and vision coverage a standout part of the package.
-
Leave & Time Off Breadth — Time off is bolstered by an office shutdown around late December alongside standard vacation/holiday and sick time. This combination is viewed as a meaningful boost to practical time away from work.
-
Wellbeing & Lifestyle Benefits — Unique industry access such as screenings, event tickets, and on-site showcases are emphasized as meaningful lifestyle perks. These add distinctive non-cash value for those seeking entertainment exposure and networking.
Creative Artists Agency Insights
What We Do
Creative Artists Agency (CAA) is the leading entertainment and sports agency, with global expertise in filmed and live entertainment, digital media, publishing, sponsorship sales and endorsements, media finance, consumer investing, fashion, trademark licensing, and philanthropy. Distinguished by its culture of collaboration and exceptional client service, CAA’s diverse workforce identifies, innovates, and amplifies opportunities for the people and organizations that shape culture and inspire the world. The trailblazer of the agency business, CAA was the first to build a sports business, create an investment bank, launch a venture fund, found technology start-up companies, establish a philanthropic arm, build a business in China, and form a brand marketing services division, among other innovations. Named Most Valuable Sports Agency by Forbes for eight consecutive years, CAA represents more than 2,000 of the world’s top athletes in football, baseball, basketball, hockey, soccer, in addition to coaches, on-air broadcasters, and sports personalities and works in the areas of broadcast rights, corporate marketing initiatives, social impact, and sports properties for sales and sponsorship opportunities. Founded in 1975, CAA is headquartered in Los Angeles, and has offices in New York, Nashville, Memphis, Chicago, Miami, London, Munich, Geneva, Stockholm, Shanghai, and Beijing, among other locations globally. For more information, please visit www.caa.com.
