The Senior IAM Engineer helps architect, deploy and operate a secure application infrastructure that aligns with business needs.
The position is responsible for supporting operational innovation and providing security direction to the business to elevate the company's security posture within a cloud computing infrastructure. An advanced role, the Senior IAM Engineer helps deliver applications at scale and with resiliency to support business initiatives. The Senior IAM Engineer is also expected to possess administrative and troubleshooting skills, and be knowledgeable about architecture, engineering and design principles. The Senior IAM Engineer should be adept at dealing with disparate applications and data systems to maintain the level of rigor required to adhere to business direction. Along with depth of system coverage, the role requires planning and design of policies and maintenance.

• In tandem with security leadership, the Sr. IAM Engineer will consistently assess the threat landscape and adapt quickly to protect the business from risk
• Design and implement security architectures and strategies to safeguard information system resources and assets
• Ensure integration of technology that upholds the Information Security policies and standards, as well as meets firm business objectives
• Identify opportunities for security process improvement
• Provide support for critical security infrastructure components to ensure system availability
• Mentor fellow team members and other associates in security best practices
• Maintain awareness of security technology direction, trends, and related issues
• Develop a long-term strategy for supported security systems

• 7+ years of experience in IAM lifecycle management, access management (SSO, SAML, OIDC), identity governance, privileged access management, etc
• Single Sign-On (SSO) technology - skills deploying and supporting Single Sign-on (SSO) of applications within an organization. Must include support skills such as tracing, logging, and real-time troubleshooting
• Federated SSO - Security Assertion Markup Language (SAML) and/or OpenID Connect (OIDC) skills required to support both internal and vendor authentication. Must include support skills such as tracing, logging, and real-time troubleshooting
• Scripting/programming - Ability to design, write, update, and troubleshoot code to resolve issues, create efficiencies, and/or integrate systems. Current specific needs are in Python, Javascript, Bash, and Powershell (in most needed to least needed). Knowledge of other scripting/programming languages and willingness to learn new technologies is a plus
• Proficiency in HTTP debugging/troubleshooting, using debugging web proxies like Fiddler/SAML-Tracer (or others)
• General knowledge of Active Directory (AD) or other LDAP Directory Services, especially querying/updating through scripts/programs
• Develop identity and access management solutions in Okta and Auth0
• Experience with SecureAuth IdP
• Multi-factor authentication (MFA) technology - skills deploying and supporting MFA technology for internal and internet-facing application requirements
• General knowledge of Virtual Directory Services, Certificates/Public Key Infrastructure (PKI), Identity Management concepts, Cloud Technology, and device authentication

• Extended Healthcare with Prescription Drugs, Dental and Vision, and Healthcare Spending Account (Company Paid)
• Life and AD&D Insurance (Company Paid)
• Employee Assistance Program (Company Paid)
• Telehealth (Company Paid)
• Short-term Disability (Company Paid)
• Long-Term Disability
• Paid Time Off (including vacation and sick days)
• Registered Retirement Savings Plan (RRSP) with Company match
• Maternity/Parental/Adoption Leave Top-up
• Employee Stock Purchase Program
• Critical Illness Insurance
• Employee Discounts
• Unlimited access to LinkedIn learning solutions