Identity and Access Management Engineer
The Identity and Access Management unit is responsible for provisioning support which includes ticket management, customer service, and knowledge of least privilege methodology with security rights, permissions and groups, experience with Active Directory. Due to the importance of this position, it is expected that a person supporting IAM has basic troubleshooting skills with networking and computer systems, can multitask, work in a fast paced environment while providing excellent customer service.
➢Engagement planning, directing, and designing and implementing IAM solutions
➢Advanced understanding of business processes, internal control risk management, IT controls and related standards.
➢Assist leadership in creating proposals, budgets, and work plans.
➢Manage day-to-day project activities for performing assessments, developing strategies and roadmaps, and implementing IAM solutions
➢Communicate (verbally and in writing) with all levels of the organization to accomplish objectives portraying knowledge and confidence.
➢On Call for IAM Incidents as needed
Bachelor's degree in computer science, information systems and/or equivalent formal training or work experience. Five (5) years of experience in IT information security/IAM.
Job Description Form
Current CIAM, CIMP, CIST, CIPA, CIGE or equivalent certification preferred.
5+ years: of experience in developing, implementing IAM solutions
5+ years: of experience with installation, integration, and deployment of one of the
following IAM products: SailPoint, Microsoft, and CyberArk
3+ years: Single Sign-On, Identity Federation, and Multi-Factor Authentication 3+ years identity Governance and Administration, User Provisioning, Access Certification, Identity Analytics, Role-Based Access Control
3+ years: Privileged Access Management
3+ years: of experience managing projects through the full development lifecycle
3+ years: Experience in project management and the ability to communicate security technology issues verbally on both a formal and informal basis Experience with vulnerability management and risk assessment
Knowledge of cyber security standard frameworks such as ISO and NIST
Experience with different cloud computing platforms and cloud security framework.
Excellent written and oral communication skills.
Excellent customer service skills and problem resolution.
Experience in being able to manage and prioritize multiple tasks in an effective manner.
Ability to work independently without daily direction.
Strong communication & organizational skills, ability to multi-task, strong attention to details, excellent problem solving and follow-up skills required.
Key Skills and Responsibilities (SFIA Based):
ASUP – Level 4 Maintains application support processes, and checks that all requests for support are dealt with according to agreed procedures. Uses application management software and tools to investigate issues, collect performance statistics and create reports.
SCAD – Level 4 Maintains security administration processes and checks that all requests for support are dealt with according to agreed procedures. Provides guidance in defining access rights and privileges. Investigates security breaches in accordance with established procedures and recommends required actions and supports / follows up to ensure these are implemented.
HSIN - Level 3 Installs or removes hardware and/or software, using supplied installation instructions and tools including, where appropriate, handover to the client. Conducts tests, corrects malfunctions, and documents results in accordance with agreed procedures. Reports details of all hardware/software items that have been installed and removed so that configuration management records can be updated. Provides assistance to users in a professional manner following agreed procedures for further help or escalation. Reviews change requests. Maintains accurate records of user requests, contact details and outcomes. Contributes to the development of installation procedures and standards.
INAN - Level 4 Applies a range of mathematical, statistical, predictive modelling or machine-learning techniques in consultation with experts if appropriate, and with sensitivity to the limitations of the techniques. Selects, acquires and integrates data for analysis. Develops data hypotheses and methods, trains and evaluates analytics models, shares insights and findings and continues to iterate with additional data.
SCTY – Level 4 Explains the purpose of and provides advice and guidance on the application and operation of elementary physical, procedural and technical security controls. Performs security risk, vulnerability assessments, and business impact analysis for medium complexity
Job Description Form
information systems. Investigates suspected attacks and manages security incidents. Uses forensics where appropriate.
DATM – Level 4 Takes responsibility for the accessibility, retrievability, security, quality, retention and ethical handling of specific subsets of data. Assesses the integrity of data from multiple sources. Provides advice on the transformation of data/information from one format or medium to another. Maintains and implements information handling procedures. Enables the availability, integrity and searchability of information through the application of formal data and metadata structures and protection measures. Manipulates specific data from information services, to satisfy defined information needs.