Senior Identity Management Engineer

at  CODICE

POSITION SUMMARY:

CODICE seeks a highly skilled and experienced Senior Identity Management Engineer. The selected candidate will be entrusted with designing, implementing, and managing advanced Identity and Access Management (IAM) systems, ensuring robust security and seamless user experiences. The role demands deep technical expertise and practical experience with various IAM tools and technologies.

TECHNICAL SKILLS

• IAM Solutions Expertise:
• Okta, Ping Identity, SailPoint, Oracle Identity Manager:
• Extensive hands-on experience in configuring, deploying, and managing IAM platforms such as Okta, Ping Identity, SailPoint, and Oracle Identity Manager.
• Proven ability to customize these IAM solutions to meet specific organizational requirements.
• Single Sign-On (SSO) Solutions:

Deep knowledge in implementing SSO across different platforms, ensuring seamless and secure user authentication across multiple applications.

• Multi-Factor Authentication (MFA) Solutions:

Experience deploying and managing MFA solutions to enhance security posture and comply with regulatory requirements.

• Privileged Access Management (PAM):

Skilled in implementing PAM solutions to manage and monitor privileged accounts and access, minimizing the risks associated with privileged access.

• Authentication Protocols:
• OAuth, OpenID Connect, SAML:
• Expertise in configuring and managing these protocols to facilitate secure and federated authentication processes.
• LDAP, Kerberos:
• In-depth understanding and practical experience in using LDAP and Kerberos for directory services and authentication mechanisms.
• Access Control Models:
• Role-Based Access Control (RBAC):
• Expertise in designing and implementing RBAC frameworks to ensure that users have access only to the resources necessary for their roles.
• Attribute-Based Access Control (ABAC):
• Experience in implementing ABAC by considering user attributes, resource attributes, and environment conditions into access control decisions.
• Policy-Based Access Control (PBAC):
• Skilled in configuring PBAC to control access rights based on policies dynamically.
• Directory Services:
• Microsoft Active Directory and LDAP:
• Proven ability to manage and maintain directory services for efficient and secure user information management.
• Directory Synchronization and Federation:
• Proficient in setting up and managing directory synchronization and federation services, ensuring seamless integration between various identity stores.
• User Lifecycle Management:
• Automating Onboarding and Offboarding:
• Demonstrated ability to automate the full user lifecycle from onboarding to offboarding, ensuring proper access provisioning and de-provisioning.
• Access Recertification:
• Experience in automating periodic access recertification processes to ensure ongoing compliance and proper access management.
• Workflow Automation and Identity Synchronization:
• Proficient in developing and deploying automated workflows to synchronize identities across diverse systems and directories, ensuring consistency and accuracy.
• Security Information and Event Management (SIEM):
• Experience integrating IAM solutions with SIEM tools, allowing for real-time monitoring, analysis, and response to security events.
• Incident Response:
• Skilled in monitoring IAM systems for security incidents, quickly identifying threats, and taking appropriate actions to mitigate risks.

REQUIRED EDUCATION:

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.

REQUIRED EXPERIENCE:

• Minimum of 8 years of hands-on experience in designing, implementing, and managing IAM solutions in large-scale environments.
• Experience in industries with stringent regulatory requirements (e.g., finance, healthcare, government) is advantageous.

PREFERRED EDUCATION:

Master’s degree in Computer Science, Information Technology, or a related field

DUTIES AND RESPONSIBILITIES

• 
  
  
  
• Design and Implementation:

• Lead the architecture, development, and deployment of IAM solutions such as Okta, Ping Identity, SailPoint, and Oracle Identity Manager.
• Implement Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Privileged Access Management (PAM) to enhance security and user experience.
• Develop and enforce role-based access control (RBAC), attribute-based access control (ABAC), and policy-based access control (PBAC) models.
• Technical Expertise:
• Utilize authentication protocols including OAuth, OpenID Connect, SAML, LDAP, and Kerberos to ensure secure and efficient authentication processes.
• Oversee directory services like Microsoft Active Directory and LDAP, including directory synchronization and federation.
• Lifecycle Management:
• Automate user lifecycle management processes, including onboarding, offboarding, and periodic access recertification to maintain access integrity.
• Develop and implement workflow automation processes and identity synchronization strategies.
• Security and Monitoring:
• Integrate IAM solutions with Security Information and Event Management (SIEM) tools to monitor systems for security incidents.
• Proactively identify and respond to threats or security incidents, ensuring rapid mitigation of risks.
• Collaboration and Leadership:
• Work closely with security, IT, and business teams to ensure alignment of IAM initiatives with organizational objectives.
• Provide technical mentorship to junior engineers and act as a subject matter expert in IAM technologies and best practices.

NON-ESSENTIAL FUNCTIONS

• 
  
  
  
• Problem Solving:

• Demonstrated ability to troubleshoot complex IAM issues and develop effective solutions.
• Project Management:
• Experience managing IAM projects from inception through completion, ensuring adherence to timelines, budgets, and quality standards.
• Collaboration:
• Capability to work hybrid in diverse teams, engaging with IT, security, and business units to achieve shared objectives.
• Communication:
• Excellent verbal and written communication skills, able to explain technical concepts to non-technical stakeholders effectively.
• Leadership and Mentorship:
• Ability to provide guidance and mentorship to junior engineers, fostering a culture of continuous learning and improvement.
• Adaptability:
• Demonstrated flexibility and capacity to adapt to new technologies and changing business needs.
• Analytical Skills:
• Strong analytical skills to evaluate emerging IAM technologies and how they can be integrated into existing systems