Principal Identity Engineer

SPHERE is seeking a self-starting and experienced security professional to join our team. Your passion for finding creative approaches to solve security problems will shine as you troubleshoot existing and create new security capabilities that close information gaps, strengthen our defenses, and defend some of the largest companies in the world from emerging security threats. SPHERE is a fast-paced team that constantly provides new opportunities to learn and grow.

Essential Functions:

• Lead the design and installation of the SPHEREboard product suite into client environments, ensuring compatibility and functionality across Windows, UNIX, and database assets.
• Integrate and manage multiple client data feeds within the SPHEREboard environment, ensuring accurate and real-time visibility into entitlements and access.
• Utilize historical knowledge of IT infrastructure to conduct in-depth analysis of client environments, focusing on the identification of technical, financial, and reputational risks related to identity and access management.
• Develop and implement remediation plans based on best practices, prioritizing actions that effectively mitigate vulnerabilities while maintaining a balanced risk/reward change control environment.
• Present risk reduction strategies and findings to the Chief Security Officer (CSO) and heads of the Identity and Access Management (IAM) team, providing clear recommendations and actionable insights.
• Lead and drive initiatives aimed at remediating identified risks, coordinating efforts across cross functional teams and client stakeholders.
• Provide training and guidance to clients on how to leverage the benefits and capabilities of the SPHEREboard toolset effectively.
• Assess client workflows to determine best practices for establishing sustainable, controlled IAM environments that align with industry standards and compliance requirements.
• Document and evidence remediations, updating client runbooks and ensuring that all actions are well-documented for audit and compliance purposes.
• Recommend and implement new controls and security measures to ensure the long-term sustainability and security of IAM environments.
• Prepare client stakeholders for audit reviews by reviewing evidence of IAM processes, controls, and documentation that are in compliance with regulatory and industry standards.
• Collaborate closely with the internal product development team to provide insights, feedback, and requirements for new enhancements to the SPHEREboard product suite. 

Requirements:

• A minimum of 5 years of hands-on experience as a Windows Server or Database System Administrator, preferably in a 2nd or 3rd-tier technical support role, or in a similar capacity, with a strong background in managing Windows and database environments.
• Profound working knowledge of entitlements within Windows Active Directory, Unix, and database permissions, including experience in designing and implementing access control policies.
• Exceptional understanding of account management, with a specific focus on privileged access and service accounts, including best practices for securing and monitoring these accounts.
• Familiarity with a range of security solutions, including but not limited to Varonis, StealthBits, Symantec, CyberArk, Centrify, BeyondTrust, SailPoint, and Oracle Identity Manager (OIM).
• Experience in data collection from systems like ServiceNow, Splunk, or other data lakes, along with the ability to extract and normalize data for the establishment of routine feeds for IAM processes.
• Proven track record in driving remediation programs related to Users, Accounts, Groups, or File Permissions, with the ability to assess, plan, and execute these initiatives effectively. 
• Strong capability to manage complex relationships with senior managers within large corporate environments, including the ability to influence and garner support for IAM initiatives.
• A history of documenting and evidencing sustainable controls for the ongoing reduction of risk, including the development and maintenance of comprehensive IAM policies and procedures. 
• Proficiency in generating reports and effectively discussing risk reduction strategies with senior management, translating technical details into business-focused language.