Identity and Access Management Engineer II - Western & Southern Financial Group
CINCINNATI, OH 45202
About the Job
Overview:
Works closely with the Identity & Access Management (IAM) team to develop, build and deliver the future state IAM strategy for the Enterprise. This includes helping define a vision for how identities will be managed across all parts of the business, and how the associated access to systems and data will be maintained. Assists in driving the technical delivery of IAM solutions required to support the needs of the business. Works to understand industry best practices, emerging trends and the latest open source methods that will help address current challenges and enable new ways of delivering value to the Enterprise. Supports senior team members as a consultant to IT project teams and application development teams to provide assistance in their deployment of business and IT applications. Escalates when needed and updates senior team members and Manager on a regular basis.
Responsibilities:
What you will do:
- Supports technical efforts in the maintenance and execution of a multi-year IAM strategic plan that is aligned with business priorities, industry best practices and the enterprise information security strategic plan.
- Assists in evaluating and implementing IAM products and services required to meet business and technology requirements, which includes directory services (e.g., AD), identity federation (e.g., SAML, SSO and ADFS), Multi-Factor Authentication (MFA), and Identity Management (IdM). Helps develop monitoring and reporting on the health, effectiveness and efficiency of IAM services.
- Works with senior team members to ensure requirements are gathered, processes defined and use cases documented. Provides configuration and development support. Helps with User Acceptance Testing and bug-related engineering efforts. Participates in all IAM deployment activities. Assists the team in providing post-production support.
- Implements scalable access management and identity lifecycle processes for internal (associate) and external (customer, producer and bank channel) identities.
- Helps identify opportunities for automation and standardization when needed for the user lifecycle provisioning process (requesting, approving, implementing and auditing user access).
- Works with senior team members in developing integration requirements and design. Helps in integrating applications and third-party products into the IAM platform to utilize provisioning, de-provisioning and user lifecycle management. Assists team by providing technical support and performing operational fixes related to integration code.
- Assists in the support of the role-based access control (RBAC) model and the development of RBAC processes and procedures. Helps create and maintain role-based access control documentation.
- Administers access rights reviews. Follows up with reviewers to answer questions or provide additional data insight.
- Supports senior team members in consulting on IT and business projects. Helps consult on access related topics for associates as it relates to onboarding, transfers, etc.
- Conducts in-depth research to understand industry best practices, emerging trends and the latest open source methods. Provides input to senior engineering team members.
- Supports senior team members in providing consulting to IT and any associated projects. Helps consult to IT project teams and application development teams to assist in the evaluation and design of their IAM needs.
- Performs other duties as assigned.
- Complies with all policies and standards.
- Bachelor's Degree in computer science, computer engineering, IT or a related technical field, or commensurate selection criteria experience. (Required)
- Proven experience in working on identity and access management projects. (Required)
- Proven experience in completing assigned tasks accurately and on a timely basis. (Required)
- Experience in identity and access governance, including role-based access control (RBAC), user identity lifecycle management and access certification. (Required)
- Experience with Linux-based and MS Windows-based system platforms. (Required)
- Demonstrated knowledge in the areas of identity and access management, provisioning and de-provisioning, password management synchronization, authentication, authorization and single sign-on or commensurate experience.
- Demonstrated inherent passion for information security and service excellence.
- Proven ability to identify project risks and gaps, developing creative and workable solutions to complex problems and policy issues.
- Demonstrated strong team player - collaborates well with others to solve problems and actively incorporate input from various sources.
- Proven strong analytical and problem-solving skills with the ability to grasp new concepts and apply them; effectively evaluates information/data to make decisions; anticipates obstacles and develops plans to resolve.
- Demonstrated excellent verbal and written communication skills with ability to convey information to internal and external customers in a clear, focused and concise manner.
- Proven calm and professional demeanor when handling demanding situations.
- Demonstrated ability to work with a team and multiple stakeholders to provide direction and oversight.
- Proven self-starter with strong internal motivation.
- Demonstrated ability to work under multiple deadlines and with minimal supervision.
- Knowledge or experience with one or more IAM solutions such as NetIQ Identity Vault, SailPoint Identity Governance, etc.
- Understanding of directory services (Active Directory, LDAP, eDirectory).
- Understanding of federation, SSL, SAML, OAuth, OpenID Connect, and identity governance and administration (IGA) technologies.
- Understanding of IAM frameworks, practices, systems and controls.
- Understanding of privileged access management solutions such as CyberArk, Thycotic, etc.
- Knowledge of multi-factor authentication (MFA) solutions and technologies.
- Knowledge of enterprise, network, system and application-level security issues.
- Scripting skills preferred (examples include Python, Perl, JavaScript, PowerShell).
- CISSP Certified Information Systems Security Professional Upon Hire (Required)
- Any GIAC certification or ISACA certifications Upon Hire (Required)
- Works in an office setting and remains in a stationary position for long periods of time while working at a desk, on a computer or with other standard office equipment, or while in meetings.
- Requires the ability to verbally communicate and exchange accurate information to customers and associates on a regular basis.
- Requires visual acuity to read and interpret a variety of correspondence, procedures, reports and forms via paper and electronic documents, visual inspection involving small defects; small parts, and/or operation of machinery (including inspection); using measurement devices continuously. Visual acuity is required to determine accuracy, neatness, and thoroughness of work assigned.
- Requires the ability to prepare written correspondence, reports and forms using prescribed formats and conforming to rules of punctuation, grammar, diction, and style on a regular basis.
- Requires the ability to apply principles of logical thinking to define problems, collect data, establish facts, and draw valid conclusions.
- Performs substantial movement of wrists, hands, and fingers for continuous computer work.
- Extended hours required during peak workloads or special projects/events.
- Occasional travel may be required.
Source : Western & Southern Financial Group