Identity & Access Management (IAM) Engineer

As a member of the Information Services Department, the Identity & Access Management (IAM) Engineer will be responsible for managing Security Projects and Initiatives, implementing and maintaining Authentication and Authorization Frameworks, design and implementation of Lifecycle and Access Strategies leveraging the IGA tool to implement the Firm’s Information Security policy as well as industry best practices.

ESSENTIAL FUNCTIONS :

• Design and Implement Authentication and Authorization frameworks to protect systems and information.
• Develop and Maintain Single Sign-On configurations used by the organization.
• Create and develop IAM solutions for internal requirements and client requests.
• Collaborate and coordinate with other teams to establish security protocols across the Firm.
• Develop and maintain IGA solutions to provide efficient and effective lifecycle and access management.
• Create, develop, and maintain enforcement mechanisms to ensure that Firm policies are being adhered to across the Firm.
• Administration of Active Directory and EntraID services.
• Management of Enterprise and Team level projects while achieving deadlines set by the Firm.
• Respond and resolve to tickets incoming from End Users and other IT Members.
• Responsible for the development and administration of the IGA and PAM systems.
• Documentation around architecture and policies / procedures.
• Provide after hours and rotational shift coverage as required.

ADDITIONAL FUNCTIONS :

Support adjacent security functions within the team.

QUALIFICATIONS (EXPERIENCE, KNOWLEDGE, SKILLS AND ABILITIES) :

Education :

Bachelor’s degree in information security or related field required. An equivalent combination of work and education may be considered in lieu of degree.

Experience :

Minimum of five years in an IAM role required.

Knowledge, Skills, & Abilities :

• Knowledge of Authentication Frameworks (SAML, OAuth, JWT, API Tokens).
• Experience using languages such as Powershell, Python, or other current programming and scripting languages.
• Working knowledge of Active Directory / EntraID and their sub-services (Authentication, Authorization, Conditional Access, Multifactor, etc.)
• Strong analytical and problem-solving skills to enable effective security event and problem resolution.
• Proficiency in working with APIs using Rest / Soap / Oauth.
• IGA experience required, preferably Sailpoint.
• Knowledge of compliance standards (HIPAA, CCPA, GDPR, etc.)
• Knowledge of RBAC / ABAC principles and their implementations.

WORK ENVIRONMENT & PHYSICAL DEMANDS :

This job operates in a clerical, office setting. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines.

PHYSICAL REQUIREMENTS

Sedentary work : Exertion of physical strength to lift, carry, push, pull, or otherwise move objects up to 10 pounds. Work involves sitting most of the time.

Walking and standing is often necessary in carrying out job duties.

VISUAL ACUITY

Worker is required to have close visual acuity to perform an activity such as : preparing and analyzing data and figures;

transcribing; viewing a computer terminal; extensive reading.

DISCLAIMER

Fox Rothschild LLP is under no obligation to provide sponsorship for this position. Applicants must be currently authorized to work in the United States on a full-time basis now and in the future.

This job description is not an exhaustive list of all functions that the employee may be required to perform and the employee may be required to perform additional duties.

Additionally, management reserves the right to review and revise the job description at any time. Employment with the firm is at-will.

Employees must be able to satisfactorily perform all of the essential functions of the position with or without a reasonable accommodation.

If an accommodation request would cause an undue hardship or a safety concern, the individual may not be eligible for the position.

Equal Opportunity Employer - vets, disability