IAM Engineer

MANDATORY SKILLS/EXPERIENCE

• Provide strategy, direction and leadership in incorporating all parts of IGA (access request, provisioning, de-provisioning, access review, and solving complex IAM related issues

• Manage escalations from staff, assist in setting priorities and risk mitigation strategies across the environment

• Design, implement, manage and engineering support for PAM/IAM backend infrastructure and IGA Platform based on best practices

• Lead development and implement procedures, runbooks, and documents to support the PAM/IAM services

• Support and onboard servers and users to PAM and IGA services

• Have solid knowledge of SailPoint, Cisco ISE, Delinea

• Support in troubleshooting and resolving complex identity, authentication, authorization, entitlement, permissions and integration problems

• Administer Windows 2012/2016/2019 server- Forest, Domain trust, AD, DFS, DNS, WINS, DHCP, Group Policy, Distribution lists, Windows folder security, and IP filter

• Administer a hybrid multi-tenant Microsoft Azure and Office 365, Amazon Web Services Cloud Platform environments;

• Advanced knowledge of modern authentications technologies and concepts such as SAML, Federation, SSO, OPenID, OAuth, Privilege Access Management (PAM), and Multi-Factor Authentication (MFA).

• Working knowledge of SailPoint, Cisco ISE, Delinea Secret Server.

• CISSP, or other IAM tool specific security certifications

• Candidate must have LinkedIn account

DESIRABLE SKILLS/EXPERIENCE:

A baccalaureate degree from an accredited college and 7 years of satisfactory full-time experience in IAM technologies working Hybrid Multi-cloud, Multi-tenant environment including Active Directory, Azure Active Directory, GCP and AWS.

• 5 Years’ experience managing and administering Identity and Access Management (IAM) tools and processes, Role Based Access Controls (RBAC), Privileged Access Management (PAM) and IGA platforms

• Understanding of cloud architecture Azure AD/Entra ID, AWS, Salesforce

• Provide oversight and assess security controls for IaaS, PaaS, and SaaS services, while collaborating with system integrators and NYCERS teams to deliver reliable and scalable security capabilities.

• Oversee and lead the implementation of security solutions, develop technical, and reference architectures throughout the project duration.

• Responsible for assessing and reviewing end-to-end secure integrations including web services and APIs.

• Work closely with NYCERS security team and third party system integrators on security engineering related issues and resolving the issues without affecting the overall project delivery timelines.

• Perform other duties as assigned as part of information security projects and initiatives.

SPECIAL REQUIREMENTS:

• Background check and employment verification required.

• No more than 3 resumes per vendor.

• 3 references are required for each candidate