Our client, a financial services company, is looking for an IAM engineer to join their team and build out a more comprehensive IAM solution for the organization. They are looking for someone who is highly technical from an engineering perspective, bringing experience with on-prem Active Directory and integrations with Entra ID, as well as RBAC.
Requirements:
- On-premises Active Directory and Entra ID experience
- Experience with role-based access controls
Location: Ideally Chicago but open to remote
Work Authorization: USC or Green Card
What you'll be doing:
- Design, engineer, and maintain IAM security policies and solutions that align with company and security program objectives.
- Collaborate with security, technology, and trading teams to design and deploy effective Identity and Access Management (IAM) solutions.
- Develop and manage processes for entitlement reviews, running regular campaigns to ensure appropriate access levels and adherence to security policies across the organization.
- Implement and manage Privileged Access Management (PAM) solutions to ensure secure and controlled access to critical systems and data.
- Enhance our user behavior analytics and insider risk programs by deploying and managing tools that improve the detection and mitigation of insider threats and anomalous identity-related activities.
- Advance the implementation of cutting-edge authentication methods, including Passwordless Authentication, FIDO2, and Multi-Factor Authentication (MFA), to strengthen security and improve user experience.
- Ensure compliance with regulatory requirements (e.g., NYDFS, MAS, DORA) and alignment with our overall cybersecurity program by continuously refining IAM practices and policies.
- Serve as the primary point of contact for identity security incidents, providing real-time guidance and support.
- Leverage automation and innovative technologies to optimize identity security processes and improve efficiencies in detecting and responding to identity-related security events.
What we're looking for:
- You are passionate about identity security and understand its critical role in a comprehensive cybersecurity program.
- You have hands-on experience designing, implementing, and managing both on-premises and cloud-based IAM solutions.
- You have experience with federated identity solutions.
- You have expertise in Privileged Access Management (PAM), Passwordless Authentication, JSON Web Tokens (JWT), and Multi-Factor Authentication (MFA) solutions.
- You possess in-depth knowledge of authentication and authorization standards such as SAML, OAuth, SCIM, Kerberos, and LDAP.
- You have experience with identity platforms such as Active Directory, Entra ID, Okta, Duo, or Ping Identity.
- You are proficient in conducting entitlement reviews and managing identity governance processes to ensure comprehensive visibility and control over user access.
- You enjoy leveraging automation, AI, and emerging technologies to solve complex problems.
- You are proficient in one or more scripting languages.
- You are proactive and responsive in managing identity security incidents and continuously improving overall IAM practices.
- You are an effective communicator, capable of articulating complex IAM concepts and strategies to cross-functional teams and stakeholders.