Senior Identity and Access Management (IAM) Engineer
About The Position
Pennymac (NYSE: PFSI) is a specialty financial services firm with a comprehensive mortgage platform and integrated business focused on the production and servicing of U.S. mortgage loans and the management of investments related to the U.S. mortgage market. At Pennymac, our people are the foundation of our success and at the heart of our dynamic work culture. Together, we work towards a unified goal of helping millions of Americans achieve aspirations of homeownership through the complete mortgage journey. The Identity & Access Management (IAM) Lead is responsible for the strategic design, implementation, and management of systems pertaining to identity management, identity security, and directory/federation services. This role ensures that access to Pennymac’s systems and data is secure, efficient, and compliant with internal policies and external regulations. The Lead will protect the organization against unauthorized access and identity-based threats by maintaining robust authentication and authorization frameworks.
Requirements
- Minimum of 7 years of experience in systems administration, automation, or technology architecture.
- Proficiency in PowerShell for automation and administrative tasks.
- Deep technical knowledge of Active Directory (AD) and directory services.
- Experience managing Privileged Account Management (PAM) tools (e.g., CyberArk, BeyondTrust, Keeper).
- Expertise in SSO Providers and Federation (e.g., OneLogin, Okta, SAML, OIDC).
- Knowledge of network security including VPN, Firewall, and web server security as it relates to identity.
- Experienced in working with compliance and regulatory program requirements (e.g., SOX, GLBA).
- Strong initiative and decision-making capabilities and the ability to communicate clearly with technical and non-technical stakeholders.
Nice To Haves
- BS or MA in Computer Science, Information Security, or related field. Relevant cyber security and/or identity certifications.
Responsibilities
- Manages and/or improves multiple systems related to identity management, identity security, and directory/federation services.
- Makes recommendations to improve identity, network, and application architectures to ensure "least privilege" access and enhance end user experience.
- Analyzes and assesses vulnerabilities within identity infrastructure and application identity design, investigates countermeasures for identity-based attacks, and recommends best practices.
- Reviews and updates information security policies, architectures, and standards specifically for Identity and Access Management.
- Responds to audits, penetration tests, and vulnerability assessments related to user access and identity governance.
- Utilizes new technologies and scripting to enhance security capabilities and automate manual provisioning/deprovisioning processes.
- Works with IT and business partners to ensure identity security is factored into the selection and configuration of all new software and hardware.
Benefits
- Comprehensive Medical, Dental, and Vision
- Paid Time Off Programs including vacation, holidays, illness, and parental leave
- Wellness Programs, Employee Recognition Programs, and onsite gyms and cafe style dining (select locations)
- Retirement benefits, life insurance, 401k match, and tuition reimbursement
- Philanthropy Programs including matching gifts, volunteer grants, charitable grants and corporate sponsorships
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
