System Engineer- Identity

Optimum•Plano, TX

8d•Hybrid

About The Position

The IAM & PAM Engineer will be responsible for ensuring that Optimum's Identity & Access Management and Privileged Access Management platform is implemented, designed, and maintained to ensure that all applications being used within the company are on-boarded for access entitlements, provisioning and de-provisioning of users. Candidate must be familiar in integrating and managing privileged accounts, ensuring security compliance, and providing technical support for Delinea / Thycotic Secret Server and Privilege Manager. Candidate must be well versed with identity federation principles as the person will have the responsibility to set the standard for the firm in terms of identity & access management as well as privilege access management. Candidates must also have role-based access control (RBAC) experience in relation to design, implementation, and remediation. This position requires participation in technical research and development to enable continuing innovation for Privilege Access Management and Information Risk management.

Requirements

Bachelor's degree in IT Security, Cybersecurity, Computer Science, or equivalent experience
Minimum 3-5 years of experience in Information Security with a focus on Identity and Access Management with Privileged Access, preferably using Delinea or similar tools
In-depth understanding of Delinea Secret Server, Privilege Manager, Connection Manager, and distributed vaulting models
Deep understanding of RBAC (Role Based Access Control), Single Sign On (SSO), Least Privilege, JIT Access, and Privileged Session Management
Strong Analytical background and troubleshooting skills.
Understanding of Active Directory domains, LDAP directories, Oracle Identity, Unix Identity
Strong understanding of cloud computing concepts including experience with Microsoft Azure, Amazon Web Services, Google Cloud Platform
Expert knowledge of Microsoft Active Directory, Azure Active Directory
Advanced level knowledge in architecture and implementation of identity and access management solutions
Extensive experience in design and troubleshooting of user provisioning and deprovisioning workflows, including automation of access and access removal to various applications and/or authorities
Demonstrated knowledge of identity, authentication, security, privacy, and compliance and how they factor into cloud and hybrid solutions.
Strong working knowledge of network architecture and standards for large enterprise
Knowledge of compliance standards and practices such as PCI DSS, Sarbanes Oxley, and Department of Justice National Security Agreement
Ability to assemble project requirements and contribute to security design implementation from inception to completion
This position follows a hybrid work model and is based at our Plano, TX office

Nice To Haves

Integrating Delinea with DevOps pipelines, cloud-native tools, and modern ITSM platforms (ServiceNow)
Identity Access and Governance Management - Preferably skills with SailPoint, Okta, and a Privilege Access Management solution such as Delinea, CyberArk and BeyondTrust
Proficiency with a scripting language (Unix/Linux shell, Python, or PowerShell) is preferred

Responsibilities

Provides information security subject matter expertise in support of projects sponsored by business units and other EIT departments.
Install, configure and maintain Delinea Secret Server, Privilege Manager, and Connection Manager in on-premises and cloud environments (Azure, AWS, GCP).
Administer and engineer Delinea Secret Server for integrating privileged accounts across on-premises and cloud environments, including Azure.
Collaborate with cross-functional teams to integrate PAM tools into both on-premises and cloud-based systems.
Integration of Automated Password rotation on Service Accounts, and other Highly Privileged accounts.
Conduct regular assessments and audits to ensure the security and compliance of privileged accounts and access across all environments.
Lead in the documentation of processes, procedures, and best practices for Delinea administration and privileged access management.
Stay up to date on the latest developments in PAM technologies and cybersecurity best practices through self-study and training opportunities.
Ensures that system implementations conform to established company security standards and/or industry best practices.
Participates in the budget process by specifying Information Security technical, resource and personnel requirements for capital projects.
Conducts laboratory and pilot evaluations of security technologies.
Provides information security consulting services to business units and other departments.
Maintains support relationships with various vendors and manufacturers.
Develops and maintains minimum security baseline configurations for various handheld, workstation and server operating systems.
Processes Service Desk tickets assigned to the Engineering team.  Responsible for problem resolution.
Develops documentation including operations manuals, runbooks, procedures and problem resolutions.