Senior IAM Engineer - Urgent Hire

Identity and Access Management (IAM) Principal Engineer who will be responsible in leading the review and design of new IAM and Privileged Access Management (PAM) solutions to ensure appropriate controls and tools are selected and operationalized. The IAM team is specifically focused on B2B application integrations (intra-state agency integrations servicing hundreds of applications) that service several thousand internal users. With evolving state agency needs & team structure within the IAM program, this position presents a unique opportunity for candidates to ideate creative engineering & architecture solutions focusing on ‘productizing’ deliverables. Our current focus touches areas of auto-scaling deployments, workflow/upgrade automation, homogenizing our reference stack, expanding the utility of B2B single sign-on to cloud apps amongst other priorities.

The IAM Principal Engineer will be responsible for prioritizing & defining engineering requirements, setting up DevOps, and operational support with the adoption of next generation IAM and PAM solutions. The candidate will participate in projects & initiatives working with IAM team members, architecture, application development and agency specific engineering teams, service owners, and business stakeholders to provide enterprise IAM and PAM solutions that are scalable and adaptable.

•                  Lead EOTSS Identity and Access Management (IAM) team with designing, deploying, supporting, and monitoring IAM solutions using Azure Active Directory or other similar tools.

•                  Lead EOTSS IAM team with designing, deploying, supporting, and monitoring PAM solutions using Delinea or other similar tools.

•                  Lead meetings to gather and document business requirements for IT Cyber Security and Compliance projects involving IAM, integration with Active Directory, Multi-factor Authentication (MFA), and Privileged Access Management (PAM).

•                  Work with business partners and application teams to understand their access and identity requirements, and lead efforts to bring requirements in line with enterprise standards.

•                  Manage & monitor day-to-day issues, incidents & ensure issues are escalated and addressed and processes are followed.

•                  Engage in the review & design of new IAM solutions and PAM solutions to ensure appropriate controls and tools are selected and operationalized.

•                  Act as a subject matter expert on key principles of IAM & PAM with an in-depth knowledge including Authentication and Authorization systems.

•                  Lead IAM projects & initiatives working with IAM team members, architectural, dev and engineering teams, service owners, and business stakeholders to provide enterprise IAM solutions that are scalable and adaptable with the ever-changing business needs and industry demands.

Preferred Knowledge, Skills & Abilities:

•                  8 years of IAM related experience with a strong background in engineering and operationally running large scale infrastructure.

•                  8 years of experience with installing, integrating, and deploying Identity and Access Management solutions such as Azure AD, SailPoint, Okta, Ping, or other similar tools at an enterprise level.

•                  8 years of experience with installing, integrating, and deploying Privilege Access Management solutions such as Delinea, CyberArk, or other similar tools at an enterprise level.

•                  Thorough experience of IAM principles, methodology, and solutions including access control (role-based and discretionary), authentication, authorization, provisioning, approvals, and workflows.

•                  Strong hands-on experience and knowledge in managing projects through the full development lifecycle – specifically IAM solutions.

•                  Understanding key IAM concepts of Least Privilege, Privileged Access, Roles & Data mining, Segregation of Duty (SOD), & Role Based Access Control (RBAC).

•                  Proficient knowledge of modern Authentication methods, standards, and protocols such as Single Sign On SAML, OAuth, OpenID, Kerberos, LDAP, FIDO2, PIM, PIV, and other relevant mechanisms.

•                  Proficient experience and advanced working knowledge of access management, Azure Active Directory (Azure AD) and Federated Identities, directory services, Multi-Factor Authentication (MFA) & upcoming technologies in the identity space.

•                  Experience capturing IAM use cases and defining IAM requirements and processes.

•                  Experience in managing IAM infrastructure, on-boarding of applications, health check monitoring, policy and password management, certifications, workflows, work items and rules.

•                  Experience developing IAM governance documentation such as policies, procedures, standards, and guidelines, role creation and management, separation of duties, and access reviews.

•                  Document current state and future state business processes/workflows using standard process modeling tools and process improvement methodologies.

•                  Strong verbal, interpersonal, and written skills with the ability to work directly with business application owners and technical stakeholders to gather requirements and information on application data through reviews, information gathering sessions and walkthroughs.

•                  Proven ability to translate business problems, existing processes, and technology into service and process requirements.

•                  Strong problem-solving and troubleshooting skills.

•                  Certified Identity & Access Manager (CIAM) or Certified Information Systems Security Professional (CISSP) Certification is a plus, but not required.