Cybersecurity Engineer - IAM

Summary 

This is a hands-on security position working within the Information Security group and with the internal IT department at large. We are looking for candidates who have a passion for cyber security, identity management, and threat response. You will provide domain expertise to design and develop the capabilities of the identity and access management platform and the automation of application deployment pipelines to the platform.  

The Role

In this role, you will be an essential partner and technical specialist for identity and access platform development and provide thought leadership on overall security and authentication across various workflows. You will be a key part of our efforts to enable the business needs in a highly collaborative organization. The environment is fast-paced and commonly on the leading edge of technology, including early adoption of various cloud services along with the challenges of integrating those services into our security practice. 

Responsibilities 

• Provide design, evaluation, analysis, testing, debugging and implementation of identity and access management programs to support the company’s strategy 

• Maintain configuration, updates, and overall administration of the identity access management platform 

• Have a deep understanding of user lifecycle management; including provisioning/de-provisioning, access requests, user entitlements and audit & validations 

• Maintain standards for access management across the company and department 

• Collaborate with HRIS, IT service owners, and service desk to troubleshoot and fulfill identity related workflows 

• Knowledge of identity governance workflows with the concepts of attestation and auditing. 

• Integrate new applications into the identity access management platform through RESTful APIs, JDBC, flat file, or built-in connectors and configure aggregation, provisioning, and entitlements 

• Automate identity workflows and processes for lifecycle management, auditing, reporting, governance and self-service 

• Provide and maintain a RESTful identity API to downstream services 

• Play an active role in CAA’s security incident response efforts, working to identify and mitigate information security threats 

Required Capabilities 

• A minimum of 4 years in Information Technology, ideally with a focus on information security 

• A minimum of 2 years’ experience in identity and access management or CyberSecurity 

• A Bachelor’s or Master’s Degree in a relevant field of work 

• Experience scripting in at least one of the following languages:  PowerShell, Python, JavaScript 

• Experience with the deployment and support of Zero Trust Identity architecture and infastructure 

• A strong understanding of the fundamental operations of servers, operating systems, networks, firewalls, cloud applications, and infrastructure 

• Experience in automation and integration with SaaS applications 

• Understanding of OAuth, SAML and OpenID frameworks 

• Experience in lifecycle management and provisioning and de-provisioning 

• Knowledge of different MFA and compensating controls for identity 

• Knowledge of privilege identity management, privileged access management, and concepts of just in time provisioning, just enough access, and principal of least privilege 

Desired Capabilities 

• Set up and integrated Single Sign-On with various SaaS vendors 

• Account set-up and access management 

• Using and coding against REST APIs  

• Knowledge and experience of SCIM provisioning and integration 

• Worked closely with human resources and help desk support staff 

• Experience supporting and following identity framework or IDaaS 

• An understanding of the NIST framework and using a continuous improvement loop 

Desired Skills 

Azure AD, Active Directory, AD Connect, Azure Automation, Power Automate, SAML, OpenID, WS-Fed, SSO, SCIM, OAuth, Programming (java, python), PowerShell, RESTful APIs, MSSQL, OGNL, GraphQL, Workday, SailPoint, Okta, Ping Federate, PingID, Splunk, RBAC

Environment 

CAA has a service oriented collaborative environment where we help our colleagues then focus on our own work.