Senior Engineer Identity & Access Management

役職

Tiffany is currently seeking a Senior Engineer Identity and Access Management with a strong focus on Active Directory and Okta to cultivate the growth and expansion of the Identity & Access Management program. This role will work closely with various engineers and architects to build Identity integrations with business applications. Solid understanding needed of Active Directory architecture, Sites and Services and management, creating, administering, and troubleshooting Group Policies (GPOs), Active Directory Federation Services (ADFS), SAML, SSO (Okta required), PKI, Networking DNS, DHCP, Authentication, Kerberos, NTLM. The candidate will engineer solutions that enable growth of the Identity Suite and provide support for its various integrations. They will provide strong leadership and project management skills as well as problem resolution and break fix support for the IAM tools portfolio.

 

 

Responsibilities:

• The core infrastructure technology duties include enterprise Microsoft Active Directory, ADFS, Microsoft Certificate Services, policy configuration, and top-level support for enterprise-wide initiatives
• Define an Enterprise IAM development strategy with a roadmap of key milestones and deliver consistently
• Plan, support, implement and design a directory synchronization system for Microsoft Active Directory and Windows-based systems across the enterprise, including directory and identity management solutions
• Configure okta for SSO and MFA application integrations
• Research new technology in response to enterprise-scale business requirements, systems configurations, or technology innovations
• Plan, build, test and promote to production new IAM solutions ad improvements
• Ensure that operational and incident trends and observations are considered regarding the evolution of the company’s enterprise security capabilities
• Provide senior management with statistics, reports, and usage trends on various processes and workflows
• Work on achieving IAM architecture compliance including: PCI, corporate data privacy requirements as well as state and federal regulations by actively participating in both internal and external audit activities

 

Qualifications:

• Strong firsthand experience with IAM technologies such as Active Directory Services, Microsoft Forefront Identity Manager (FIM/MIM), Service-Now
• 10 + years of experience in deploying and supporting enterprise IAM/Active Director/Okta solutions including troubleshooting/debugging and technical problem analysis
• Strong understanding of Okta, AD Attributes, LDAP Queries, PowerShell Scripting to Modify AD Attributes, Group Policy Analysis, GPO Configuration & Item-Level Targeting, Workstation Configurations, Browser Configuration Settings, familiarity with other Applications that integrate with Active Directory
• Strong knowledge of permissions that are granted natively to various Microsoft Built-In Groups to perform Active Directory Administrative Functions, knowledge of native permissions granted when building AD objects, knowledge of permissions granted natively to Built-In Groups via GPOs and/or Local Policies
• Understanding of LDAP, Active Directory as it relates to integrating applications with Directory services
• Windows certificates services management, PKI
• Thorough functional understanding and ability to configure Active Directory Server Roles (CAs, IIS, File/Print, DNS)
• Solid understanding of relational database environments, specifically SQL
• Experience with Azure Active Directory and Azure Active Directory Connect
• Knowledge of Office 365
• Experience with Hybrid AD with managed AD services from Microsoft
• Ability to conduct research and provide technical recommendations for further enhancing the IAM toolset

 

Preferred:

• Experience with Oracle databases is a plus
• Prior experience with JavaScript, VBScript, PowerShell, .Net, ASP, HTML is desired
• Strong analytical, evaluative, and problem-solving capabilities
• Experience working in a team-oriented, collaborative environment

 

All gender identities and orientations are encouraged to apply.

 

Please let Tiffany know if you request any accommodations for interview, we are happy to make any accommodation needed.