Senior Identity & Access Management Engineer

Job Description:

General Function / Summary:  

The Senior Identity & Access Management Engineer is responsible for Identity and Access Management (IAM) solutions including lifecycle of accounts, federation, single sign-on and multi-factor authentication, network access control, privileged account management, provisioning and deprovisioning of active directory account, user access reviews, certificate and key management & encryption standards.  

Essential Duties: 

• Plan and implement security measures to protect the company’s computer systems, networks, and data. 

• Manage & onboard MFA and SSO solutions to prevent loss of sensitive data through identity theft. 

• Manage privileged account management and role-based access control solutions for various platforms including Windows, Linux, and serverless solutions in multiple environments including in-house, hybrid cloud, and X-as-a-Service resources.  

• Strong knowledge managing Azure Entra ID

• Strong knowledge managing Microsoft NPS for policies and Radius configurations.

• Perform audits of accounts to ensure they meet compliance standards of least privileged access. 

• Integrate application authentication through SSO.  

• Participate and assist with Managed Detection and Response (MDR) team members for incident response to protect corporate IT assets, including intellectual property, regulated data, and the company’s reputation. 

• Configure, troubleshoot, and maintain PAM and RBAC solutions. 

• Monitor systems for irregular behavior and set up preventive measures. 

• Remediate access risks if detected from penetration tests. 

• Recommend and coordinate the implementation of technical controls to support and enforce defined security policies. 

• Creating user group/user access metrics.

• Strong experience using scripting languages like PowerShell, Python, Ruby or JavaScript with the ability to demonstrate knowledge.

• Analyze information security hardware and software to ensure maximum performance and provide technical expertise for the administration of security tools. 

• Develop and maintain security processes and procedures. 

• Create procedure documentation and PowerPoint presentations.

• Perform monthly, quarterly, yearly user access reviews.

• Manage & Expand the AIM governance processes and implement process improvements.

Minimum Education and Experience Required: 

• Bachelor’s degree or equivalent experience 

• 4+ years of experience administering cyber security solutions 

• 3+ years of experience managing Active Directory on Prem

• 3+ years of experience managing Azure Entra ID including configuring and managing PIM and Just in Time

• Strong experience configuring and managing Azure Governance

• 3+ years’ experience working performing Identity Access Management duties.

• 2+ years of experience using scripting languages like PowerShell, Python, Ruby or JavaScript.

• Strong knowledge of managing Microsoft NPS Policies or equivalent solutions.

• Strong knowledge with managing both internal PKI and external TLS certificates.

• Experience managing certificate using Venafi Trust Protection Platform or similar tools

• Understanding of NIST CFS & ISO27001/2 frameworks methodologies.

• Experience configuring, operating, and maintaining security systems.

• Strong knowledge of authentication solutions for SSO, MFA & Digital identities. 

• Familiar with networking technologies, network security, and network monitoring solutions. 

• Strong knowledge and experience with PAM and RBAC systems. 

• Knowledge of security protocols and principles. 

• Ability to handle multiple projects and tasks simultaneously and collaborate with all areas of the organization. 

• Excellent written and verbal communication skills. 

• Proficient in Microsoft O365 programs. 

• Ability and willingness to consistently live and embrace our core values of Accountable, Inclusive, Transparent, and Focused