Identity and Access Management; IAM Cloud Engineer

Thank you for your interest in a career  Regions, we believe associates deserve more than just a job. We believe in offering performance-driven individuals a place where they can build a career --- a place to expect more opportunities. If you are focused on results, dedicated to quality, strength and integrity, and possess the drive to succeed, then we are your employer of choice.

At Regions, the Identity and Access Management (IAM) Engineer is responsible for working cross-functionally across the organization with business and IT partners, as well as external service partners to deliver the Identity Governance and Administration (IGA) capabilities across Regions. This role includes role-based access controls (RBAC), attribute-based access controls (ABAC), access review/certification, automated provisioning and de-provisioning, and access requests.

Primary Responsibilities

• Designs, develops, tests, implements, and integrates Identity and Access Management (IAM) systems and solutions
• Ensures that solutions protect information resources against unauthorized use, inappropriate degrees of access, disclosure, damage and/or loss
• Analyzes and maintains data to ensure projects deliver on time
• Ensures the maintenance, patching, operating, and monitoring of IAM systems
• Supports and resolves system incidents, problems and changes
• Designs and implements reusable strategies, decisions, service components, libraries and frameworks to support enterprise-level IAM services
• Onboards new applications and creates custom workflows, rules, and reports based on business requirements
• Creates and analyzes documentation of process, guidelines, standards, technical specifications, as well as drawing network & system architecture diagrams
• Leverages bash scripting to maintain the night processing script
• Meets and encourages project teams to communicate project status, development issues/roadblocks, and requirements feasibility

This position is exempt from timekeeping requirements under the Fair Labor Standards Act and is not eligible for overtime pay.

Requirements

• Bachelor's degree and six (6) years of experience in a related field

Preferences

• Advanced understanding of UNIX security, as it relates to user access and provisioning
• Experience with Agile methodology and SDLC concepts/tools (Git, Atlassian stack)
• Experience with Linux/Unix, Windows, scripting (with programming languages such as Bash, Power Shell, or Perl), SQL, LDAP, and web services
• Experience with one or more programming languages such as Java, C#, C/C++, Python, or Java Script
• Experience with role-based access controls and configuring automated provisioning and deprovisioning
• Experience with SailPoint (version 7.0 or later) or another IGA/IAM platform
• Recognized security industry certifications (CISSP, CIAM, etc.)
• Technical experience in systems integration or software engineering of identity and access management (IAM) solutions (such as Beyond Trust, Cyber Ark, AWS, Duo, OIM, Ping Identity, Radiant Logic, SailPoint, Okta, Active Directory, RACF)

Skills and Competencies

• Demonstrated ability to multi-task, to be self-initiated, and work independently
• Excellent customer service and interpersonal skills
• Excellent time management skills
• Excellent organizational, research, analytical and/or problem-solving skills to evaluate situations, make recommendations, and take effective action
• Knowledge and skill in technical problem resolution
• Strong attention to detail and outstanding analytical skills
• Strong written and verbal communication skills

This position is intended to be onsite, now or in the near future. Associates will have regular work hours, including full days in the office three or more days a week. This position must be within a reasonable driving distance to a Branch, Consumer Operations, or Professional Office Building with the primary location being for Birmingham, AL, Nashville, TN, Atlanta, GA or Charlotte, NC.

The manager will set the work schedule for this position, including in-office expectations. Regions will not provide relocation assistance for this position, and relocation would be at your expense.

The ideal candidate will have the following skillset:

• Knowledge of AWS, Azure, and Vault identities and authentication methods including identity management, federation, credential handling, roles and policies
  • Technologies: AWS Identity Center, IAM Users, Service Control Policies, STS, OIDC;
    Azure Entra
    
    ID, Application Registrations, Hierarchical IAM RBAC, Managed Identities, Graph, Policies
• Knowledge of vault solutions and technologies, including security and operational best practices and appropriate use caes
  • Hashi Corp Vault, AWS Secrets Manager, Azure Key Vault
• Experience with Dev Sec Ops  technologies including Git Hub, Terraform, Harness and managing AWS, Azure, and managing COTS software in that environment
• General experience and knowledge of cloud and IAM security best practices
• Experience running workloads in AWS and Azure and familiarity deploying and using load balancing, virtual…