Sr. Identity and Access Management Engineer

The Senior Identity & Access Management Engineer responsibilities will be to develop and support complex Identity and Access Management (IAM) systems and architecture initiatives by designing, coding, debugging, documenting and maintaining complex programs and system and network activities. They serve as the technical lead for IAM projects and play an integral role in the delivery of new and improved IAM systems that are reliable and secure.  They will ensure going maintenance is scheduled and completed on time, ongoing application onboarding is documented and implemented, and operational support is maintained. The Senior IAM Engineer will ensure that any and all Identity and Access Management services are secure, available, efficient, and meet defined corporate service levels and compliance requirements.

ROLES AND RESPONSIBILITIES:
-Assists with the management of current in-house developed user provisioning system and plays a key role in the design, implementation and deployment of any new or enhanced Identity and Access Management System (IAMS).
-Develops scripts, user interfaces, and data integrations with enterprise systems. Ensures the integrity and security of user identity information by following coding best practices.
-Coordinates the secure transfer and synchronization of institutional data between administrative applications and intranet and Cloud/SaaS applications for electronic authentication and authorization purposes.
-Performs requirements analysis and technical planning in the design and implementation of secure applications in a multi-platform client/server environment.
-Acts as technical liaison for identity-related application development that involves other IT units or administrative and academic departments.
-Maintains authentication and authorization databases for various intranet applications such as the provisioning system, online learning management system, ERP systems, cloud-based applications, and campus portal.
-Evaluates emerging identity management, authorization, and data integration standards such as OAuth2 and SAML.
-Knowledge and experience deploying Windows operating system security features, authentication, and access controls
-Assists with the management of directory services including LDAP schema and tree design.
-Manage and develop the existing Active Directory, AD-LDS, DNS, DHCP, RADIUS, Process Automation and Orchestration, and Virtual Directory Services infrastructure and integrations
-Develop and update automation tools and scripts, primarily written in PowerShell, VB.net, and SQL
-Resolve complex technical issues in a Tier 3 capacity
-Develop and execute project plans in coordination with the project management team and peers, including self-managed projects.
-Participate in a 24×7 on-call engineer rotation supporting our core services
-Find opportunities to innovate, extend and enhance service delivery everywhere possible

REQUIRED TECHNICAL SKILLS:
-5+ years of experience with IDM Engineering and building Access Management Platforms and Solutions
-Experience with world class IDM/IAM suites (CA Siteminder, IBM Tivoli Identity Manager, Oracle Identity Manager, Quest One Identity, SailPoint, etc.)
-Experience with Multifactor Authentication and Federation –CA Advanced Authentication (Strong/Risk Authentication), AD Federation Services, RSA SecurID.
-Experience with Privileged Identity and Access Management – CyberArk Privileged Identity Manager, CA Privileged Access Management, or Beyond Trust PowerBroker Privileged Access Management
-Experience in automation using PowerShell.
-Experience working in an enterprise environment with Incident Management, Change Management, and SOX controls
-Foundational knowledge of Identity Management technologies such as SailPoint, PingID, Okta, Microsoft MIM, SSO, Federation, ADFS, SAML, OAuth, OpenID
-Strong understanding of role-based access, least privilege and segregation of duties access control concepts,
-Programming experience: C, C++, Java, Java Script, JSON, Scripting, VB.net, SQL

REQUIRED EDUCATION:
-Bachelor’s degree in Computer Science, Electrical Engineering, Information Technology, or a relevant field preferred

OTHER KEY QUALIFICATIONS
-Strong interpersonal and consultative skills
-Ability to effectively prioritize and execute tasks in a high-pressure environment
-Excellent written & verbal communication skills
-Excellent technical documentation skills
-Experience working in a team-oriented, collaborative environment
-Strong work ethic
-Demonstrated initiative and ownership
-Demonstrated ability to effectively interact professionally with a diverse group of people at all levels of the organization

PREFERRED SKILLS AND EXPERIENCE:

-Information security management qualifications such as Certified Information Systems Security Professional (CISSP) or Certified Information Systems Auditor (CISA)/ Certified Information Security Manager (CISM) are preferred