Senior Identity and Access Management Engineer

Information Technology
Remote; Houston, Texas; Minneapolis, Minnesota


Description

* 100% Remote unless residing within 50 miles of our Houston or Minneapolis office 
 
A Senior IAM Engineer will play a critical role in ensuring the stability, performance, and optimal functionality of our Identity and Access Management Platform. You will collaborate with cross-functional teams, providing advanced support and troubleshooting to address complex issues and enhance the overall user experience. As a Senior IAM Engineer, you will lead the strategic planning, implementation, and management of complex IAM and Active Directory solutions. This senior position demands a strategic approach to enhancing our IAM framework, ensuring scalable, secure, and robust identity management processes. You will spearhead projects that integrate IAM functions across multiple platforms, provide expertise on security best practices, and mentor team members while advancing our organizational IAM maturity.
 
 
ESSENTIAL DUTIES AND RESPONSIBILITIES

  • Administer and manage Active Directory, Azure AD, and related IAM services, ensuring system availability and reliability.
  • Execute user access reviews and privilege audits to comply with security governance and regulatory compliance.
  • Coordinate with business units to understand and facilitate their IAM requirements and access needs.
  • Troubleshoot IAM-related issues and respond to incidents in a timely manner.
  • Contribute to the development and refinement of IAM automation processes using scripting languages.
  • Analyze system logs and reports to identify potential security risks and recommend mitigation strategies.
  • Assist in the development of user training programs on security awareness and best practices.
  • Lead the design and architecture of comprehensive IAM solutions that align with business objectives and IT security standards.
  • Oversee the deployment and integration of IAM systems, including Active Directory, across on-premises and cloud environments, applying knowledge of SAML and SSO.
  • Develop and enforce policies for identity lifecycle management, access management, and directory services.
  • Conduct advanced IAM analytics for predictive threat modeling and risk assessment.
  • Drive IAM project management, including scope definition, timeline coordination, and resource allocation.
  • Responsibility for highly privileged access controls, provisioning/de-provisioning of accounts across systems and responding to audit and regulatory requests.
  • Oversee periodic compliance audits.
  • Manage remediation activities in response to access recertification, audit and/or assessment findings pertaining to inappropriate user access.
  • Manage the process for the ongoing (continuous) employee access to specific systems and tools, with emphasis on review of system access changes due to individual positions or organizational restructuring, including communication with business and data owners.
  • Manage the receipt and review of identity and system access requests for new employees and third parties / vendors.
  • Overseeing the management of Auth0 accounts, tailored for a multi-tenant architecture encompassing numerous databases and organizations.
  • Utilizing Infrastructure as Code with a focus on Terraform for automated infrastructure management.
  • Developing server-side solutions in Node.js.
  • Crafting server-side applications in Node.js to meet OpenAPI specifications.
  • Developing custom extensions for Auth0.
  • Coordinate with Business Units and Human Resources to establish the appropriate level of access and status for employees, third parties and vendors (via manual methods or automated workflows)
  • Function as a subject matter expert, providing guidance on complex IAM issues and innovations.
  • Cultivate relationships with vendors and stakeholders to ensure alignment with technology trends and business strategies.
  • Lead continuous improvement initiatives, evaluating the effectiveness of IAM controls and processes, and implementing enhancements.
  • Creating and managing user accounts and security groups within AD.
  • Essential understanding of NTFS permissions
  • Ensuring AD infrastructure security and compliance with policies.
  • Monitoring AD performance and troubleshooting issues.
  • Implementing, creating, and managing Group Policy Objects according to company standards.
  • Assisting in AD migrations and updates.
  • Documenting AD processes and keeping records of changes.
  • Providing support for AD-related queries from users and resolving access issues.

 

REQUIRED SKILLS AND ABILITIES  

  • Solid understanding of Active Directory, Azure AD, AWS and IAM technologies.
  • Expert in managing IAM governance and access provisioning at the platform, application, and database levels.
  • Ability to produce exemplary technical and non-technical documentation.
  • Effective communication and engagement skills
  • Proven experience in leading IAM projects and technology transformations.
  • Advanced knowledge of network security protocols, identity federation, and cloud IAM services.
  • Strong leadership skills and the ability to drive strategic initiatives.
  • Strong analytical skills and the ability to work collaboratively.
  • Strong critical thinking skills and diligence.
  • Ability to effectively prioritize workload based on urgency levels and short timelines.
  • Ability to communicate system related issues and resolutions properly and effectively.
  • Ability to work and collaborate with remote vendors and assist in troubleshooting.
  • Ability to work well independently and collectively in a collaborative environment.
  • Ability to recognize when to escalate unresolved issues to the appropriate channels.
  • Ability to effectively manage multiple tasks and projects simultaneously.
  • Demonstrated ability to adapt quickly to changes in workload demands to support the business.
  • Demonstrated ability to stay focused on projects from inception to completion.

 

KNOWLEDGE, EXPERIENCE AND/OR EDUCATION REQUIREMENTS

  • Bachelor’s degree in Computer Science or Information Technology preferred but not required.
    • In lieu of Bachelor’s degree, combination of associate degree and equivalent years of experience (or related area) preferred.
  • Minimum 4-6 years of experience in supporting enterprise-level applications.
  • Strong experience should include designing and developing provisioning flows, developing Role-Based Access Control (RBAC) entitlements, and implementing role resolution, role mining and role administration.
  • Experience in using IAM tools and scripting for automation.

Disclaimer: Managers have the right to assign or redesign the responsibilities of the above-mentioned job description without notice and at any time.
 

Empyrean is an Equal Opportunity Employer: including disability and veterans