Principal Identity and Access Management Engineer

About the Opportunity

JOB SUMMARY

Reporting directly to the Chief Information Security Office (CISO), the Principal Identity Access Management Engineer contributes to the Identity and Access Management (IAM) program at Northeastern University’s global campus system.

The Principal Identity Access Management Engineer is responsible for contributing to IAM component designs, IAM service development, service integration, implementation, and operations of university wide IAM services for all faculty, staff, students, parents, alumni, vendors, and University technology partners.

The Principal IAM engineer is proficient with the following : Modern approaches to IAM with Microsoft Azure / AD / SSO, OAuth, OpenID, and SAML;

expert knowledge of identity provisioning with IGAs (e.g. Saviynt); Role-based access control. Experience with DevOps / SRE methodologies and background in automation / IaC / GitOps.

The right individual for this role will have the ability to build partnerships and lead technical teams, having proficiency in technical concepts, and the ability to manage complex projects.

Regrettably, the university is unable to work sponsor for this role, now or in the future.

This position is hybrid; working three days onsite is required.

QUALIFICATIONS

• Bachelor’s degree in Information Systems or Computer Science and / or equivalent combination of education and work experience.
• Seven years of professional IT experience , preferably building or operating programs within the domain areas of Identity and Access Management.
• Expert knowledge of Microsoft’s AzureAD / SSO / Active Directory with a strong focus on access control via RBAC / ABAC.
• Well-versed in the information security issues affecting educational entities and cloud-based application service providers.
• Ability to assess computer systems and business processes for security risks.
• Excellent interpersonal, communication, and presentation skills, including formal report writing experience.
• Experience working in Agile teams with Scrum / Kanban / etc.

PREFERRED QUALIFICATIONS

• 3 years’ experience with coding in Python or Groovy to transfer, manipulate identity data, and accomplish process automation.
• Experience with Saviynt’s IGA platform.
• Experience with Grouper and Shibboleth.

KEY RESPONSIBILITIES & ACCOUNTABILITIES

• Responsible for technical delivery and integration for authentication, authorization, identity provisioning, and identity governance and administration (IGA) solutions across all University systems, audience types, and applications.
• Help drive optimizations for IAM team operational performance across all IAM disciplines and functions. Responsible to assist in driving high levels of IAM services nimbleness, agility, and responsiveness to university systems and applications.
• Without direct supervision, perform tasks required to ensure customer satisfaction and departmental SLA's are achieved.
• Provide Tier 1, 2, and 3 support to customers on the services provided by the department.
• Provide accurate and effective documentation on all issues and problems.
• Provide training and documentation to Tier 1 support and other department team members on emerging issues.
• Responsible for IAM system production support (may require outside of regular hours as needed)
• Establishes success metrics for the IAM program that measure the reliability and availability of IAM environments.

Position Type

Information Technology