Sr. Security Engineer - IAM
Jostens
JOB TITLE: Sr. Security Engineer - IAM
JOB TYPE: Full Time - Remote
TYPICAL/EXPECTED % OF OVERNIGHT TRAVEL: < 5% (less than 3 weeks/year)

ABOUT YOU:
The Sr. Security Engineer – IAM role is responsible for designing, implementing, and maintaining robust security solutions that ensure the integrity, confidentiality, and availability of our organization's IAM and Directory Services infrastructure. This role serves as a technical subject matter expert in identity management and authentication technologies within a hybrid infrastructure. This role will collaborate with cross-functional teams to assess security requirements, develop strategies, and architect solutions that align with industry best practices and regulatory compliance. The individual must be a motivated team player with a positive attitude and solid interpersonal skills who can quickly take ownership within their area. The individual must be hands-on, able to work under minimal supervision, and able to work in a fast-paced environment.

YOU HAVE:
Technical skills. Comprehensive understanding of Active Directory, Azure Active Directory, Privileged Access Management (PAM), Password Vaulting Management, Single Sign-On (SSO), and Multifactor Authentication. Proficiency in IAM technologies, controls, and standard methodologies (LDAP, directories, certificates, SAML/OAUTH, MFA, Adaptive Authentication, PKI, IGA, and LCM). Proficiency in API and connector standards, such as SCIM, SOAP, and REST. In-depth knowledge of authentication and authorization protocols like SAML, OIDC, and OAuth. Knowledge of Cloud Security services (AWS/Azure) and server virtualization technologies, preferably VMware, Azure VM, and/or AWS EC2. Proficiency with DevOps, Agile, Service Management, and Project Management tools, such as JSM, JIRA.

Attention to detail. Strong analytical, problem-solving, and troubleshooting abilities. Proficient in conducting research into system issues and products as required.

Great communication skills.
Excellent customer service, collaboration, and presentation skills. Ability to influence and persuade. Effective project management skills and ability to work collaboratively in a team environment.

Experience. 8+ years of experience in Security/Systems Engineering. 5+ years in IAM technologies, processes, and capabilities. Proven expertise in configuring Identity Governance & Administration (IGA) platforms. Experience with IAM systems such as Delinea, SailPoint, Okta, DUO. Familiarity with cloud-native IAM platform providers. Proven experience in product evaluations, solution planning, requirements gathering, testing, and implementation. Experience in diagnosing and troubleshooting system problems in complex, mixed systems environments. Experience with IAM principles in a cloud-first environment and understanding of PCI, SOX, HIPAA, and EU-GDPR regulations for IAM.

Education. Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field.

Preferred. Industry certification such as CISSP, CIAM, CIMP, CAP, CCSP and experience working with cloud platforms (AWS, Azure).

YOU WILL:
Identity and Access Management (IAM):

IAM strategy development and implementation: Develop and implement the IAM strategy and roadmap, ensuring alignment with security and business objectives. Lead the design, implementation, and maintenance of IAM solutions, including identity provisioning, authentication, authorization, and access governance. Design and deploy IAM frameworks that correlate with business requirements and adhere to regulatory compliance standards. Oversee the administration of user access and privileges across various platforms, ensuring compliance with security policies and regulatory requirements. Collaborate with cross-functional teams to integrate IAM best practices into the organization's architecture, applications, and operations.
Lead IAM Security Analysts, providing guidance, setting requirements, and ensuring the successful delivery of IAM services. Automate and orchestrate engineering and operational tasks through tools and scripting. Maintain and advance the IAM infrastructure, operationalize new IAM services, and measure compliance with IAM policies and standards. Engage with business and application support teams to understand their requirements and integrate their applications with IAM solutions. Lead initiatives to enhance the company's IAM capabilities for both on-premise and cloud workloads.

IAM model design and management: Devise strategies such as Access Lifecycle Management, Role-Based Access Control (RBAC), and Attribute-Based Access Control (ABAC) to streamline user entitlements. Implement and perform ongoing management of privileged access management (PAM) solutions to control administrative access. Design, implement, and maintain IAM solutions like identity lifecycle management, single sign-on (SSO), and federation services. Govern identity repositories like directories and identity providers, ensuring seamless integration with diverse systems for efficient user authentication and authorization.

IAM policy and procedure enforcement: Collaborate with stakeholders to establish and enforce IAM policies, standards, and procedures. Coordinate with product owners and engineering teams to execute identity provisioning features like access termination, access request and fulfillment. Regularly identify and propose enhancements to optimize IAM functions.

General IAM responsibilities: Serve as a subject matter expert (SME) on PAM authentication platform configurations. Drive self-service and automation initiatives to transform PAM provisioning and lifecycle management for a superior user experience. Ensure PAM system architectures align with organizational standards, goals, and objectives.
Lead and participate in vendor evaluations and selection for provisioning platforms and other IAM-related disciplines.

Security Architecture and Engineering:

Active Directory / Directory Services (AD / DS): Design and implement enterprise-level designs for Active Directory in alignment with a “cloud-first” strategy. Secure and harden Active Directory Services, ensuring compliance with best practices and CIS security controls using Group Policies and other tools. Develop, test, deploy, and document security controls for the AD environment, serving as a technical point for AD security concerns. Evaluate existing AD Infrastructure and Security standards and contribute to defining future architecture. Manage and support Active Directory domain services and federation services for internal and DMZ domains. Govern AD rights management practicing the principles of least privilege. Provision, configure, operate, and maintain AD DS hardware, software, and related infrastructure. Manage integration of AD DS and Azure AD to support hybrid identity.

General security tasks: Manage policies and application configurations in assigned technical security platforms (e.g., Okta, Delinea, Azure, M365). Document and present technical architectures and designs, focusing on standards, growth, performance, reliability, scalability, and security. Conduct technical R&D for continuous innovation within security infrastructure. Ensure system hardware, operating systems, software systems, and procedures align with organizational policies and standards. Perform root cause analysis, debugging, support, and post-mortem evaluation for service interruptions, when necessary.

Metrics and mitigation: Develop and regularly report on security metrics, proposing improvement actions when needed.

Additional responsibilities: Communicate and collaborate effectively with team members across various organizational levels.
Participate in vendor evaluations and selections for provisioning platforms and related disciplines in Access Governance. Lead, coach, and mentor team members on technical matters, project management, task prioritization, and strategic planning.

LOVE WHERE YOU WORK:
We care about your health. We offer competitive healthcare (health, dental, vision, coverage) in addition to voluntary benefits including home and car insurance, pet insurance, flexible spending account, amongst many more.

We invest in your future. Our 401K plan has immediate vesting, so you can start saving for retirement right away.

We believe in flexibility. Work from home or come into the office - the choice is yours with our hybrid work options.

We want you to unplug when needed. We believe in taking your time off without guilt and offer accrued paid time off and company paid holidays. *For Washington residents, during a full calendar year, you will receive 13 vacation days, 8 sick days, 8 company paid holidays, and family paid leave.

We care about your development. We support tuition reimbursement after 6 months of service.

We believe in pay transparency. The salary range is $120,000 - $140,000. This position is applicable for bonus potential of up to 15%.

APPLICATION DEADLINE: October 31, 2024

ABOUT US:
Celebrating over 125 years of business, Jostens has been a part of local communities, working with K-12 schools, colleges and universities, teams, and affiliation groups. Representatives from Jostens touch thousands of schools and groups every day, working to make a difference with products and services that recognize accomplishments and help people tell their stories. These products, along with resources for educators, yearbook curriculum and services to help motivate and inspire like Jostens Renaissance® and Commitment to Graduate (C2G) are all designed to contribute to a positive and rewarding school experience.
As a household name and leading brand in our market, we are passionate about being the most trusted partner in celebrating moments that matter. We are a mid-size company with a small company feel, allowing us to move fast and explore innovative ideas. Click on video link for an exclusive look into the Jostens experience! https://f.io/HIAsH659

ALL ABOUT TECHNOLOGY:
Our Technology organization combines planning, analysis, and development in combination with both enterprise retail and manufacturing platforms as well as custom development using primarily Java, web services, and web application frameworks like ReactJS/NodeJS. The Technology organization manages priorities through centralized quarterly planning in close collaboration with business decision-making and strategy, directly supporting leadership in Marketing, Sales, Digital & Operations. Delivery is typically managed through an agile, two-week scrum or Kanban methodology leveraging a suite of Atlassian products. The Technology teams are structured organizationally to focus on key platforms and the business units that they. Through the utilization of best-in-class technical software, such as AWS, Tableau, SAP BPC, Oracle EBS, Salesforce, & Microsoft 360, you will get to play a critical role in determining technology solutions that steer our business. Jostens allows for a hybrid work setting that focuses on creating professional and personal development. We can’t wait to show you what our Technology Team has to offer at Jostens!

AMERICANS WITH DISABILITIES ACT (ADA):
Jostens is committed to the full inclusion of all qualified individuals. If reasonable accommodation is required to fully participate in the job application or interview process, or to perform the essential functions of the position, please reach out to our HR team at recruiter@jostens.com or (952) 830-3399. Jostens is an Equal Opportunity Employer and complies with applicable employment laws. EOE/M/F/Vet/Disabled are encouraged to apply.
California Privacy Policy: https://www.jostens.com/about/california-employee-privacy-policy