The Sr. Security Engineer – IAM role is responsible for designing, implementing, and
maintaining robust security solutions that ensure the integrity, confidentiality, and availability of
our organization's IAM and Directory Services infrastructure. This role serves as a technical
subject matter expert in identity management and authentication technologies within a hybrid
infrastructure.
This role will collaborate with cross-functional teams to assess security requirements, develop
strategies, and architect solutions that align with industry best practices and regulatory
compliance. The individual must be a motivated team player with a positive attitude, solid
interpersonal skills and someone who can quickly take ownership within their area. The
individual must be hands-on, work under minimal supervision and can work in a fast-paced
environment.
Requirements
Identity and Access Management (IAM) Role:
IAM Strategy Development and Implementation:
● Articulate and execute the organization's IAM strategy, emphasizing user
provisioning, robust access controls, and advanced authentication mechanisms.
● Design and deploy IAM frameworks that correlate with business requirements and
adhere to regulatory compliance standards.
● Specify requisite controls and processes for efficient management of user identities,
role assignments, and access privilege administration.
IAM Model Design and Management:
● Devise strategies such as Access Lifecycle Management, Role-Based Access
Control (RBAC), and Attribute-Based Access Control (ABAC) to streamline user
entitlements.
● Implement and perform ongoing management of privileged access management
(PAM) solutions to control administrative access.
● Design, implement, and maintain IAM solutions like identity lifecycle management,
single sign-on (SSO), and federation services.
● Govern identity repositories like directories and identity providers, ensuring seamless
integration with diverse systems for efficient user authentication and authorization.
● Innovate innovative Identity Management solutions to address B2B and B2C IAM
demands.
IAM Policy and Procedure Enforcement:
● Collaborate with stakeholders to establish and enforce IAM policies, standards, and
procedures.
● Coordinate with product owners and engineering teams to execute identity
provisioning features like access termination, access request and fulfillment.
● Regularly identify and propose enhancements to optimize IAM functions.
General IAM Responsibilities:
● Serve as a subject matter expert (SME) on PAM authentication platform
configurations.
● Drive self-service and automation initiatives to transform PAM provisioning and
lifecycle management for a superior user experience.
● Ensure PAM system architectures align with organizational standards, goals, and
objectives.
Lead and participate in vendor evaluations and selection for provisioning platforms and other
IAM-related disciplines.
Security Architecture and Engineering Role:
Active Directory / Directory Services (AD / DS):
● Design and implement enterprise-level designs for Active Directory in alignment with
a “cloud-first” strategy.
● Secure and harden Active Directory Services, ensuring compliance with best
practices and CIS security controls using Group Policies and other tools.
● Develop, test, deploy, and document security controls for the AD environment,
serving as a technical point for AD security concerns.
● Evaluate existing AD Infrastructure and Security standards and contribute to defining
future architecture.
● Manage and support Active Directory domain services and federation services for
internal and DMZ domains.
● Govern AD rights management practicing the principles of least privilege.
● Provision, configure, operate, and maintain AD DS hardware, software, and related
infrastructure. Manage integration of AD DS and Azure AD to support hybrid identity.
General Security Tasks:
● Manage policies and application configurations in assigned technical security
platforms (e.g., Mimecast, Okta, Azure, M365).
● Document and present technical architectures and designs, focusing on standards,
growth, performance, reliability, scalability, and security.
● Conduct technical R&D for continuous innovation within security infrastructure.
● Ensure system hardware, operating systems, software systems, and procedures
align with organizational policies and standards.
Perform root cause analysis, debugging, support, and post-mortem evaluation for service
interruptions, when necessary.
Metrics and Mitigation:
Develop and regularly report on security metrics, proposing improvement actions when needed.
Additional Responsibilities:
● Communicate and collaborate effectively with team members across various
organizational levels.
● Participate in vendor evaluations and selections for provisioning platforms and related
disciplines in Access Governance.
● Lead, coach, and mentor team members on technical matters, project management,
task prioritization, and strategic planning.
Benefits
The SecOps Engineer will be based remotely. Compensation commensurate with experience and candidate potential.
Company benefits include:
Go Premium: Access the World's Largest Selection of Remote Jobs!