
Summary
This is a hands-on security position working within the Information Security group and with the internal IT department at large.We are looking for candidates whohave apassionforcyber security,identitymanagement,andthreatresponse. Youwill provide domainexpertiseto design and develop the capabilities of the identity and accessmanagementplatform and the automation of application deployment pipelines to the platform.
The Role
In this role, you will be an essential partner and technical specialist for identity and access platform development and provide thought leadership on overall security and authentication acrossvarious workflows.Youwill be a key part of ourefforts toenablethebusinessneedsinahighly collaborative organization. The environment is fast-paced and commonly on the leading edge of technology, including early adoption of various cloud servicesalong withthe challenges of integrating those services into our security practice.
Responsibilities
Provide design, evaluation, analysis, testing, debugging and implementation of identity and access management programs to support the company’s strategy
Maintain configuration, updates, and overall administration of the identity access management platform
Have a deep understanding of user lifecycle management; including provisioning/de-provisioning, access requests, userentitlementsand audit & validations
Maintain standards for access management across the company and department
Collaborate with HRIS, IT service owners, and service desk to troubleshoot and fulfill identity related workflows
Knowledge of identity governance workflows with the concepts of attestation and auditing.
Integrate new applications into the identity access management platform throughRESTful APIs, JDBC, flat file, or built-in connectors and configureaggregation, provisioning, and entitlements
Automate identity workflowsand processes for lifecycle management, auditing, reporting,governanceand self-service
Provide andmaintaina RESTful identity API to downstream services
Play an active role in CAA’s security incident response efforts, working toidentifyand mitigate information security threats
Required Capabilities
Aminimum of4years in Information Technology, ideally with a focus oninformation security
Aminimum of2years’ experience inidentity and access managementorCyberSecurity
ABachelor’s or Master’sDegree in a relevant field of work
Experience scripting in at least one of the following languages: PowerShell, Python, JavaScript
Experience with thedeploymentand support ofZero Trust Identityarchitecture andinfastructure
Astrong understanding of the fundamental operations of servers, operating systems, networks,firewalls,cloud applications,and infrastructure
Experience in automation and integrationwith SaaS applications
Understandingof OAuth, SAMLandOpenIDframeworks
Experience in lifecycle management and provisioning andde-provisioning
Knowledge ofdifferentMFA and compensating controlsfor identity
Knowledge ofprivilegeidentity management,privilegedaccess management,and concepts ofjust in timeprovisioning, just enough access, and principal of least privilege
Desired Capabilities
Setupand integratedSingle Sign-Onwith various SaaS vendors
Account set-up and access management
Using and coding againstREST APIs
Knowledge and experience of SCIM provisioning and integration
Worked closely with human resources and help desk support staff
Experience supportingand followingidentity framework orIDaaS
An understanding of the NIST framework and using a continuous improvement loop
Desired Skills
Azure AD, Active Directory, AD Connect, Azure Automation, Power Automate, SAML, OpenID, WS-Fed, SSO, SCIM, OAuth, Programming (java, python), PowerShell, RESTful APIs, MSSQL, OGNL,GraphQL, Workday, SailPoint, Okta, Ping Federate,PingID, Splunk, RBAC
Environment
CAA has aservice orientedcollaborative environment where we help ourcolleaguesthen focus on our own work.