Identity & Access Management Engineer - Direct Hire - Charlotte, NC
The Identity & Access Management Engineer will work closely with the service desk, audit, and IT teams such as application developers and other administrators in creating functional, scalable and secure IAM operations as well as the design and development of new business applications. She/he will also be assisting with identifying, evaluating and participating in decision making around new and emerging IAM automation activities and should be able to support and provide backup to IAM Team.
DUTIES and RESPONSIBILITIES:
- Provide subject matter expertise in the following identity related services: Active Directory, Identity & Access Management, Multi-Factor Authentication.
- Capability to a variety of technologies such as multi-tiered applications, databases, LDAP and directory services, application servers, network infrastructure, and understanding of security and dataflow within these components
- Provide technical expertise related to Microsoft AD and other relevant components, including workflow automation between Active Directory, Exchange and Microsoft O365.
- Perform and assist with regression tests with Key stakeholders in the Active Directory test environment and disaster recovery exercises.
- Work with business to create and maintain role based access controls for user accounts
- Improves efficiency by automating and orchestrating repetitive or manual tasks and promotes self-service.
- Provides 2nd and 3rd level support for key identity management systems.
- Develops and maintains technical solutions for the ongoing improvement of identity life cycle management.
- Manage and monitor Office 365 services and hybrid infrastructure.
- Perform migration activates of on-premises services to Microsoft Azure AD/Office 365.
- Proactively improve the processes/tools around provisioning and de-provisioning users across the organization through PowerShell scripts.
- Develop training resources for end users and ensure training assignments are completed.
- Ensure account audits and access methods are conducted as required by the IAM program and regulatory requirements. Report any data discrepancies to Internal Audit and IT Management.
- Recommend and oversee improvements, corrections, remediation or requirements for IAM operational role.
- Analyze & understand the risks associated with application security exposures and provide solutions to eliminate or reduce these exposures.
- Assist as a backup for the IAM team when members are on leave.
- Work with Audit department on Data certification and related compliance requests.
- Assist in periodic control activities such as regular review of user access, critical role review, and annual IT control testing support.
- Support remote access incidents and distribution of MFA tokens.
- O365 modifications such as mailbox creation, add/removal of associates in distribution lists.
- Provide ServiceNow reports and recommend ServiceNow modifications related to applications.
- Develop strong partnerships with internal departments, vendors and other technical resources.
- Fosters the client’s Culture in the department and throughout the company to ensure fulfillment of client’s vision and unity of purpose.
- Participation in special projects and performs additional duties as required.
EDUCATION and EXPERIENCE:
- Four-year degree in Computer Science/MIS, engineering, or related field, and 5+ years relevant industry experience in information security, or the equivalent combination of education, technical training or work/military experience
- Security certifications a plus: CISM, CISA, SANS, SAP, ITIL, MCSA: Office 365
- Experience with Office365, specifically administering Exchange Online.
- Experience with tools such as Zohos, AD Manager or Dell / Quest Migration tools.
- Strong understanding of LDAP and authorization technologies such as SAML.
- Experience with PowerShell scripting to manipulate AD objects.
- Experience with password management methods
- Experience with Active Directory, Hybrid Microsoft Exchange on Premise/Office 365 - Exchange Online.
- Previous knowledge of Remote Access applications supports such as MFA and RSA.
- Knowledge of implementing password management methods.
- Knowledge of ITIL principles a plus.
- Knowledge of SAP not required, but a plus.
- Knowledge of ServiceNow a plus.
- Knowledge of AS400 is a plus
Job Status: Full Time