Identity and Access Management Manager
USA, East Aurora New York
$130,000 to $160,000
Description
Our Company's Corporate Group is hiring an Identity and Access Management Manager
Job Summary:
The Identity and Access Management Manager (IAMM) is responsible for the team that will develop the framework and recommend an enterprise-wide strategy for the various directory and authentication services running operating systems such as Unix, Linux, and Windows. This individual will lead the team to perform the research, design, implementation, and on-going support plan of the proposed framework. The directory and authentication services support activities required to sustain the business activities globally including but not limited to engineering, manufacturing, operations, marketing, sales, and quality. These responsibilities include the design, documentation, and implementation of corporate identity and device access standards across all company subsidiaries globally. This team is also the expert level support (Tier 3) for several infrastructure applications like Active Directory (AD), Azure AD, Identity management, Device Management, and Certificate Management.
Responsibilities:
· Lead the team that will develop the framework and recommend an enterprise-wide strategy for the various directory and authentication services running operating systems such as Unix, Linux, and Windows.
· Develop and monitor the individual training plans for direct reports.
· Establish and oversee the work activities of direct reports.
· Establish relationships will all groups and locations within the company to develop understanding of the requirements and impact of developing and implementing the directory and authentication services framework.
· Effectively design and implement new technology in the company's server environment requires a though knowledge of the existing environment, a full understanding of industry standards, current technology trends, and new technology emerges.
· Continuously develop and update leadership skills.
· Design, document, implement, and audit corporate identity and access management standards for all company divisions and subsidiaries worldwide.
· Plan, design, and implement, and provide on-going technical support (maintenance) and problem resolution of the company's AD, Azure AD, Identity and Device Management, and Certificate Authority systems and services.
· Interface with key IT people worldwide to support the above activities and provide expert (Tier 3) support on an on-call basis for the operations staff which is 24 hour a day 7 day a week.
Directs the activities of all directory administrators from a technology perspective including all activities related to the Unix server activities (planning, design, documentation, implementation, administration), Windows server activities (planning, design, documentation, implementation, administration), Identity management systems, DNS, DHCP services, Unix services), and automation of the end user environment.
Implementation and support of remote access computing solutions.
Basic Qualifications:
· Typically, a bachelor’s degree in MIS related discipline and 5 years’ relevant experience in hands on integration of applications using modern protocols (i.e., SAML, OIDC, Oauth 2.0, SCIM)
· Experience with IAM systems - ADFS, Okta, Azure AD, Active Directory
· Understanding of various authentication factors and risk-based authentication
· Understanding of different access models – RBAC, ABAC, GBAC
· Data analysis and reporting skills - Comparing user datasets across systems.
Preferred Skills:
· Leadership of a small team
· Strong communication skills verbally and written.
· Understanding of LDAP queries, SQL and KQL
· Experience Managing Security and Authentication Policies in Azure
· Experience with Microsoft Identity Manager, Azure AD Connect
· Knowledge of other authentication protocols - Kerberos, NTLM, LDAP, Basic
Desired Certifications (Not Required):
· CISSP
· CISM
· Microsoft certs - AZ900, AZ800, AZ500, SC900, SC300
· CompTIA Sec+
· Certifications from IAM platforms and providers – Okta, Ping, Onelogin, Duo.