At T. Rowe Price, we identify and actively invest in opportunities to help people thrive in an evolving world. As a premier global asset management organization with more than 85 years of experience, we provide investment solutions and a broad range of equity, fixed income, and multi-asset capabilities to individuals, advisors, institutions, and retirement plan sponsors. We take an active, independent approach to investing, offering our dynamic perspective and meaningful partnership so our clients can feel more confident.
We believe doing the right thing for our clients and our associates is good business. With a career at the firm, you can expect opportunities to create real impact at work and in your community. You’ll enjoy resources to support your career path, as well as compensation, benefits, and flexibility to enrich your life. Here, you’ll find a collaborative culture that respects and values differences and colleagues who share a spirit of generosity.
Join us for the opportunity to grow and make a difference in ways that matter to you.
Role Summary
The Senior Infrastructure Operational Analyst within the Identity Access Management (IAM) team is responsible for safeguarding digital identities throughout the organization. This role involves designing, implementing, and managing access policies, user lifecycle processes (onboarding/offboarding), and authentication systems. Leveraging deep expertise in identity management and related security disciplines, the analyst leads critical initiatives, applies comprehensive analysis to deliver innovative solutions, and establishes identity management standards across the enterprise. As an individual contributor, this position collaborates closely with cross-functional partners to influence technical direction and support the implementation of IAM solutions.
Responsibilities
- Define and manage user access roles, permissions, and entitlements in line with the principle of least privilege (Access Governance).
- Automate user provisioning, de-provisioning, and role modifications (Identity Lifecycle Management).
- Administer IAM platforms such as Entra ID, Azure AD, CyberArk, and directory services (System Administration).
- Conduct access reviews, audit logs for unauthorized access, and ensure compliance with regulatory mandates such as PCI and GDPR (Security & Compliance).
- Implement and support authentication protocols including Single Sign-On (SSO), Multi-Factor Authentication (MFA), SAML, and OAuth (Authentication Protocols).
- Provide technical support for identity-related issues and assist incident response teams (Technical Support).
- Configure, administer, operate, and support identity management technologies, integrating with networks, hardware, software, applications, and databases.
- Deliver end-to-end identity management services across all technology domains, including backup, recovery, and disaster recovery strategies.
- Support identity management technologies in complex environments, including data centers, cloud providers, hosted vendor solutions, and co-location facilities globally.
Day-to-Day Activities:
- Identify, plan, and execute identity-driven projects.
- Fulfill IAM-related service requests via ServiceNow.
- Monitor the health of IAM systems and enhance observability across supported services.
- Manage incidents and problems as they arise.
- Implement system changes, supporting modernization and mitigating vulnerabilities (often during off-hours).
- Collaborate with Enterprise Security to address and remediate findings from penetration tests and vulnerability scans.
- Automate manual processes to improve service efficiency.
- Plan and execute migrations of on-premises workloads to AWS as part of the Data Center Exit strategy.
Qualifications
Required:
- Bachelor’s degree (or equivalent combination of education and relevant experience)
- 5+ years of relevant work experience.
- Comprehensive understanding of authentication protocols (SAML, Kerberos, OAuth, OpenID).
- In-depth knowledge of AWS, cloud computing, and identity management integrations.
- Expertise with F5 Access Policy Manager (APM).
- Experience with IBM Security Access Manager (iSAM) and IBM LDAP Server
- Advanced skills in managing Active Directory, Entra ID, DNS, and DHCP.
- Intermediate proficiency in Windows and Linux operating systems, including integration with Active Directory domains.
- Experience with MS Defender for environment security.
- Proficiency in scripting languages such as PowerShell and/or Python.
- Strong verbal and written communication skills.
- Proven ability to work independently and collaboratively, with project management skills.
- Exceptional attention to detail, accuracy, and timeliness.
- Self-motivated and eager to contribute in a creative, highly collaborative corporate environment.
- Ability to participate in off-hours work, including scheduled on-call rotations.
Preferred:
- Knowledge of certificate management.
- Experience with Centrify, Netbackup, Quest Active Roles, CyberArk, and Venafi.
FINRA Requirements
FINRA licenses are not required and will not be supported for this role.
Work Flexibility
This role is eligible for hybrid work, with up to three days per week from home.
Base Salary Ranges
Please review the job posting for the location of this specific opportunity.
$87,000.00 - $148,000.00 for the location of: Maryland, Colorado, Washington and remote workers$95,500.00 - $163,000.00 for the location of: Washington, D.C.
$108,000.00 - $185,000.00 for the location of: New York, California
Placement within the range provided above is based on the individual’s relevant experience and skills for the role. Base salary is only one component of our total compensation package. Employees may be eligible for a discretionary bonus, which is determined upon company and individual performance.
Commitment to Diversity, Equity, and Inclusion
At T. Rowe Price, our associates are our greatest asset. We thrive because our company culture is built on inclusion and because we sustain a work environment where associates can bring their best selves to work every day. The backgrounds, talents, and experiences of our global associates allow us to embrace new ideas and perspectives that move our business priorities forward and enable us to deliver strong client outcomes. Here, you can expect equal opportunity and fair and consistent treatment for all.
Benefits
We value your goals and needs, at work and in life. As an associate, you’ll be supported with resources, benefits, and work-life balance so you can thrive in ways that matter to you.
Featured employee benefits to enrich your life:
Competitive compensation
Annual bonus eligibility
A generous retirement plan
Hybrid work schedule
Health and wellness benefits, including online therapy
Paid time off for vacation, illness, medical appointments, and volunteering days
Family care resources, including fertility and adoption benefits
Learn more about our benefits.
Top Skills
What We Do
T. Rowe Price is an asset management firm focused on delivering global investment management excellence and retirement services that investors can rely on—now, and over the long term. Headquartered in Baltimore, Maryland, we provide an array of mutual funds, subadvisory services, separate account management, recordkeeping, and related services for individuals, advisors, institutions, and retirement plan sponsors. At T. Rowe Price, we believe in strategic investing. It has guided how we do business for more than 80 years, and it’s driven by independent thinking and rigorous research. So our clients can be confident that we’ll strive to select the right investments as we help them achieve their objectives. Strategic investing means that we don’t stop at surface level analysis. Instead, we go beyond the numbers. Our investment professionals travel the world, visiting the companies they evaluate. It’s this passion for exploration and understanding that has helped inform better decision-making and prudent risk management for our clients since its founding by Thomas Rowe Price Jr. in 1937.
