(Azure) IAM Security Engineer

About The Position

Requirements

• Active Directory (Azure, On-prem)
• Windows Servers (2016 and newer)
• 5 or more years Azure experience
• Scripting/automation experience such as Python and PowerShell
• Experience writing documentation ranging from deep technical write-ups to end user guides.
• 4 year college degree in Information Technology or equivalent experience
• Ability to work both independently and with a team while managing workload with minimal supervision.
• Working knowledge of authentication and authorization protocols.
• Ability to address conflict with peers and others in the organization.
• Strong attention to detail and commitment to delivering quality solutions.
• Knowledge of IT security controls and IT infrastructure, especially IAM processes.
• Outstanding communication skills (verbal, written, visualization). This role requires the ability to communicate difficult concepts clearly and the desire to listen to understand.
• Understand Authentication process
• Conditional access policies
• IAM Security Engineering
• setup Azure AD connections
• ideal candidate is an Azure conditional access expert
• writing processes and standards
• thorough understanding of authentication processes.
• Rule-based access

Nice To Haves

• CyberArk (Preferred)
• Azure B2C (preferred)
• ADFS (preferred)
• Security certifications (CISSP, GSEC, CCSP, etc.) preferred
• Microsoft 365 certificates preferred
• Ideally candidate comes from consulting background/MSP (they are able to adapt to different environment)

Responsibilities

• Design, implement and operate security controls for various services in the Microsoft and Amazon cloud, with a primary focus in Azure AD.
• Design and implement access control policies within Azure AD and MDM.
• Design and implement Data Loss Prevention controls in Office 365.
• Assist with CyberArk Upgrades and maintenance
• Analyze requirements and apply knowledge of business needs and security risks to determine appropriate course of action.
• Collaborate with different areas of IT in order to provide security and business technology solutions for the Bank.
• Development of security policy, standard, procedure and design documents.
• Design, engineer, and deploy technologies for application integrations for using SAML, Open ID, or OAuth
• Act as a point of escalation for issues relating to security controls or tools, including (but not limited to) SSO, MFA, certificates.
• Occasionally provide support off-hours when business critical problems arise.

Benefits

• Medical, dental & vision
• Critical Illness, Accident, and Hospital
• 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available
• Life Insurance (Voluntary Life & AD&D for the employee and dependents)
• Short and long-term disability
• Health Spending Account (HSA)
• Transportation benefits
• Employee Assistance Program
• Time Off/Leave (PTO, Vacation or Sick Leave)