Working with Cybersecurity management, the Identity & Access Management (IAM) engineer defines, establishes, maintains, and manages identities across the organization. They rigorously manage access to systems and applications, adhering to security, engineering, and governance principles. This role collaborates closely with IT, cybersecurity, business units, and third parties, managing provisioning, governance, SSO, directory services, technical integrations, and behavioral analytics.

• Implement and configure global identity solutions and capabilities: Manage Single Sign-On (SSO), Multi-Factor Authentication (MFA), privileged account management, automation, and behavior analytics systems.
• Recommend and implement automation and provisioning improvements: Enhance end-user experience by optimizing automation, onboarding, and provisioning configurations based on recommendations.
• Document access workflows, policies, and exceptions: Maintain comprehensive documentation of implemented identity solutions for audit reviews, ensuring integrity and compliance.
• Collaborate with security leadership and stakeholders: Work closely with security leadership, teammates, and stakeholders to evaluate and implement access models aligned with organizational risk posture.
• Resolve IAM issues across employee base and external entities: Assess and address IAM issues impacting employees and external entities, ensuring timely resolution and minimal disruption.
• Evaluate business impact and risk exposure: Assess the business impact and risk exposure associated with access levels granted, providing recommendations for improvements.
• Support incident response efforts: Collaborate with incident responders during potential incidents, escalating to management as necessary for swift resolution.
• Perform other duties as assigned: Flexibly undertake additional responsibilities as assigned to meet evolving organizational needs.

• Identity and Access Management (IAM): Understanding of IAM, application integration, life cycle management (LCM), Single-sign-on (SSO).
• Active Directory (AD), AD Lightweight Directory Services (AD LDS), Azure Active Directory (Azure AD), Group Policy, DHCP, DNS: Experience in managing and configuring these technologies.
• Public Key Infrastructure (PKI): Familiarity with PKI concepts
• Privilege Access Management (PAM): Knowledge of PAM principles and technologies for managing and securing privileged accounts and access.
• Proficiency in administering directory services, Windows and Azure AD, Okta directory, SSO, MFA, and role-based access control (RBAC).
• Experience in administering IAM systems, access controls, security and risk management, and security governance fundamentals.
• Automation: Experience in automating tasks using PowerShell or other scripting languages to improve efficiency and streamline processes.
• Programming: Proficiency in at least one programming language (e.g., Python, Java) for scripting and automation tasks.
• Problem-Solving: Excellent problem-solving skills to identify and resolve issues related to identity and access management systems.
• Verbal & Written Communication: Effective communication skills to effectively communicate with technical and non-technical stakeholders.