OVERVIEW:

The Company

Common Securitization Solutions (CSS) is seeking an experienced Senior Identity Access Management (IAM) Engineer to join our team of talented professionals. This is a full-time remote opportunity.

CSS built and operates the largest and most advanced mortgage securitization platform in the world, supporting the Uniform Mortgage-Backed Security (UMBS) of Fannie Mae and Freddie Mac.

Supporting 70% of the mortgage-backed securities in the market, CSS provides best-in-class single-family issuance, bond administration, disclosure, and tax services. We support a broad portfolio of products for our clients with full lifecycle management.

Our market-leading, cloud-based, end-to-end platform executes transactions on an extraordinary scale which has bolstered liquidity in the secondary mortgage market, one of the largest and most important financial markets in the world. Our unique approach to securitization combines the best minds in financial services with the know-how, flexibility, and innovation of leading technologists.

RESPONSIBILITIES :

Job Information

We are looking for an Identity and Access Management (IAM) Senior Engineer to help the Identity and Access Management program at CSS automate and align with new technology and new business goals. The primary area of responsibility will be supporting the CSS Identity and Access Management program, both in the cloud and at several remote locations by developing automation for executing controls and leading efforts to improve them. The individual will ensure identity and access management controls in CSS are effective in their operation and will identify and automate control improvements that reduce risks and increase efficiency.

Individual should be detail oriented, thorough in executing IAM operational processes across a multitude of systems including MS Active Directory Domain Services, Azure AD, Office 365, AWS IAM, SailPoint Identity Cloud, and other AWS resources and SaaS applications. The selected individual will have demonstrated the ability to collaborate with a variety of teams in all areas of an organization in order to achieve objectives. The individual will be responsible for accurately documenting and maintaining operational and business continuity procedures.

Key Job Functions

Oversee the management of AWS IAM solutions while partnering with Cloud Enterprise Infrastructure team.
Develop and drive automation of SailPoint Identity Cloud key functions:
- Certification Campaigns
- SOD
- Provisioning/Deprovisioning
- Workflows
- Access Intelligence Center (AIC)
- SaaS Source Mapping
- API integration of 3^rd party data sources
Responsible for developing and facilitation for automation and execution of access reviews and recertification for all resources, responses to user transfer and lifecycle events.
Ensuring the adherence to Information Security controls and processes for our daily control compliance.
Ensuring the adherence to baseline controls as part of control compliance.
Response in gathering evidence in support of auditing by internal and external audit bodies.
Responsible for maintaining and development of IAM process documentation and workflows.
Contributing to the operational discussions with the team.
Participating and helping deliver IAM-related projects, coordinating with other departments.
Technical Lead for onboarding of select SaaS Offering into the IAM Security Controls Framework.
Cross Departmental Collaboration
- Working with other departments to integrate IAM solutions.
Training and Development
- Conducting training sessions for Level II and III analysts.

QUALIFICATIONS:

Education

Bachelor's degree or equivalent experience in an IT related field.

Minimum Experience

Minimum of 6 years’ experience in Identity and Access Lifecycle Management Operations and Controls.
Applicants must be authorized to work in the US without requiring employer sponsorship currently or in the future. CSS does not offer H-1B sponsorship for this position.

Specialized Knowledge & Skills

Experience in Cloud Identity Management with a strong understanding of AWS IAM to include policies, roles, user management, and security best practices.
Direct experience with MS PowerShell, JSON, SailPoint Identity Cloud API, Workflows and SOD is necessary.
Working experience with Privileged Access Management tools, specifically TSS (Thycotic Secret Server).
Experience leading group implementation and mentoring junior analysts through the process.
Experience using IAM tools and scripting for automation.
Candidate should have experience with MS Graph API, SCIM, and Azure Logic Apps.
Candidate should have a working knowledge of common OS and domain structures, servers, services, and their use of directory services.
Experience with DR/BCP planning for IAM services desired.
Candidate should have experience with Windows, Linux, Red Hat, etc. hosts, operating systems and applications.
Self-starter; adaptable to change; motivated to set personal and program goals and proactively track performance against goals and initiatives.
Ability to handle multiple priorities – projects, deliverables, and stakeholders.
Strong ability to influence and mentor peers and management; ability to cross-functionally form relationships to achieve objectives.
Demonstrates an ability to think critically, contribute thought to a broader vision, and share ideas.
Willingness to learn new technology, tools and create new processes to meet control objectives.
CISSP, CISA, Microsoft, AWS certifications or equivalent designation highly desired.
Hands on experience with Oracle and SQL Server is a plus.
Experience using IGA/IAM and PIM tools is a plus.
Experience with operating controls aligned with ISO 27001/2, FISMA or National Institute of Standards and Technology (NIST) 800-53 Rev5 guidelines is preferred.

Pay Range $142,000 to 160,500

CSS’s pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) a candidate’s qualifications, skills, competencies, and experience, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law. CSS offers a competitive total compensation package, which includes a performance bonus, 401k match, healthcare coverage, PTO, and a broad range of other benefits.

Employment

As a condition of employment with Common Securitization Solutions, any successful job applicant will be required to successfully complete a background investigation, which may also include a credit check for positions in some areas of our business.

Common Securitization Solutions is an Equal Opportunity Employer.

##LI-Remote

Senior Identity Access Management (IAM) Engineer

Offer summary

Qualifications:

Key responsabilities:

Job description

Required profile

Experience

Hard Skills

Other Skills

Related jobs

System Engineer (m/f/d)

Corporate Restructuring Case Manager

Mental Health Nurse

IT-Systemingenieur - Betriebssysteme und Virtualisierung (m/w/d)

Senior Recruiter SAP (w/m/d), bundesweit remote oder hybrid