Identity and Access Management (IAM) Engineer

This is a remote position.

• Implement and maintain IAM systems, including a PAM solution.
  
• Create and maintain Identity and Access processes.
  
• Implement and maintain role-based access control.
  
• Implement and maintain Single Sign On (SSO) and Multi Factor Authentication (MFA) systems.
  
• Implement automated solutions between the IAM system and target apps/systems, using out-ofthebox
  and custom connectors.
  
• Develop, enhance, test, document and manage Identity Management automation processes to
  support daily operations and to improve business functions via automation.
  
• Perform vendor account attestations and maintain a process to identify and deactivate stale
  accounts.
  
• Analyze, understand and document existing workflows and how they interface with other
  systems.
  
• Manage and document onboarding, offboarding, entitlement automation and approval workflows.
  
• Identify and run SQL queries to obtain information and reports as needed.
  
• Identify and correct problems uncovered by testing or end user feedback.
  
• Manage the operation of IAM products and keep systems updated as updates are released.
  
• Work with peers to reduce manual processes through automation.
  
• Manage, audit and document User Identity lifecycle.
  
• Maintain appropriate security access and protection, in compliance with existing security policies
  and best practices. Ensure IAM systems are in compliance with security requirements.
  
• Collaborate and cross-train Physical Security, Active Directory and Collaboration Engineers as
  needed.
  
• Serve as escalation POC for automation issues related to onboarding and offboarding.
  
• Must be available to work regular business hours Pacific Standard Time.
  
• Must also be available to work on-call, evenings and weekends as needed.
  
• Performs other duties as required to support the business and other Security Engineers, such as
  responding to threat detections in the identity and endpoint protection platforms.
  

• High school diploma or GED required.
  
• Bachelor’s Degree in Information Security, Computer Science, Information Systems, Software
  Engineering, or related field preferred.
  
• Minimum of three (3) years’ experience managing One Identity products is preferred, with an
  emphasis on Identity Manager and Safeguard products required.
  
• Minimum of three (3) years’ experience automating IAM systems required.
  
• Minimum of three (3) years’ experience implementing and administrating Privileged Access
  Management required.
  
• Microsoft Entra experience preferred, especially relating to Conditional Access and Authentication
  Methods.
  
• Scripting Skills – PowerShell, Quest cmdlets, SQL, HTML.
  
• Experience with IIS or other web servers.
  
• Experience with basic maintenance and troubleshooting of Windows Server preferred.
  
• Microsoft SQL Server Experience preferred.
  
• Active Directory experience.
  
• Experience querying AD, LDAP, SQL and generating reports.
  
• Experience managing identities and roles within LDAP and Active Directory.
  
• Hands-on experience with Exchange Online and M365 preferred.
  
• Experience with creation/modification/deletion of user accounts, both manually and via
  automation preferred.
  
• Experience with Request management workflows preferred.
  

• Understanding of application-level security models, including identities, roles, permissions and
  how they apply to identity and access management (IAM).
  
• Ability to troubleshoot and resolve problems in IAM workflows, especially relating to One Identity
  products.
  
• Ability to document business requirements, use cases, flows, and diagrams.
  
• Basic understanding of Exchange Online, IIS and Group Policy Objects (GPO).
  
• Understanding of principle of least privilege (PoLP) security model and how to apply.
  
• Desire to understand the details of existing applications/processes, workflows and how they
  integrate with other applications.
  
• Interest in understanding customer perspective and business need to aid in development of the
  solution.
  
• Ability to work independently and apply sound judgment and reasoning skills to a variety of
  situations.
  
• Ability to multi-task and collaborate effectively with other personnel to meet deadlines.
  
• Strong verbal and written communication, attention to detail and organizational skills.
  
• Ability to work within critical deadlines.
  
• Ability to adjust to rapidly changing priorities and schedules.
  
• Ability to provide excellent customer service.