IAM Engineer

Overview

Participate in IAM projects and initiatives, and collaborate with other engineers, analysts, and managers to deliver high-quality IAM solutions. Assist in the resolution of project issues and recording time against tasks accurately and timely. Assist in work plan development and management. Ensure successful completion of assigned projects on schedule, within budget, and in accordance with Advocate Health standards.

• Design, implement, and maintain IAM solutions using tools and technologies such as Active Directory, Azure AD, SSO, MFA, SAML, OAuth, etc. Participate in testing, validation, and quality assurance of IAM solutions, ensuring functionality, performance, and security. Monitor and audit IAM systems, activities, and processes. Generate reports and dashboards to track IAM performance and compliance. Perform initial evaluation and response to alarms and incidents.
  
  Evaluate and implement improvements to monitoring protocols. Perform initial troubleshooting, analysis and remediation of access and permissions issues.
• Manage the identity lifecycle and access policies for users, groups, roles, and applications across the organization. Perform access reviews and audits to ensure compliance with IAM policies and standards, and provide audit, privacy, legal and compliance support for IAM security/access related issues. Adhere to all procedures necessary to protect information systems from intentional or inadvertent modification, disclosure, or destruction.
• Provide technical support and guidance to clients and internal teams on IAM-related matters, such as user provisioning, access management, identity governance, etc. Develop and report on overall metrics of assigned areas of responsibility. Document and update IAM policies, procedures, and configurations, and ensure they align with best practices and industry standards.
• Analyze and resolve IAM issues and incidents with root cause analysis and recommendations for improvement. Evaluate issues/tickets and assign tickets to junior team members. Recommend and implement solutions for problems within the team.
• Collaborate with the IAM team, application owners, and business stakeholders to understand and document IAM requirements and issues, and act as customer liaison, communicating requirements and timelines to end-users or business contacts. Analyze data based on end-user requirements and information gathering. Identify and understand the business impact of decisions to meet customer expectations.
• Identify and remediate IAM vulnerabilities, risks, or gaps; implement corrective actions and preventive measures. Support security/access related records in all phases including build, configuration, testing, implementation, go-live support, and optimization; perform process improvement and security optimization tasks.
• Serve as escalation point for application teams on security/access issues, and as IAM contact for assigned audits and security-related activities with other departments. Document all responses.
• Maintain knowledge of applicable technologies, forums, roadmaps, and related documentation. Research and evaluate new IAM technologies and best practices; recommend improvements and enhancements to the IAM architecture and processes.
• Contribute to team effort by sharing knowledge, aiding, and demonstrating initiative. Train and mentor other IAM team members.

• Education
  Bachelor's Degree (or equivalent knowledge) in Information Systems, Computer Science or related field
• Certification / License
  IAM certification (SailPoint, Okta, or other IAM engineering related certification) within one year.
• Work Experience
  Typically requires at least two to four years of experience in IAM Engineering, administration, or support, preferably in a large and complex environment; experience in IT fields such as Cyber Security, Epic Security, or other technical areas; or an equivalent combination of education and experience. Strong knowledge and skills in IAM concepts, principles, and standards. Proficient in IAM tools and technologies, such as Active Directory, Azure AD, SSO, MFA, SAML, OAuth, and SCIM.
  
  Experience in scripting and automation using Power Shell, Python, or other languages. Experience in cloud computing platforms and services, such as Azure, AWS, or Google Cloud.
• Knowledge / Skills / Abilities
  Requires understanding of IAM technology, process and procedures and the ability to apply that understanding to supporting existing systems and/or implementing new systems. Strong knowledge of user provisioning procedures and RBAC. Broad understanding of tools and technologies from end-user devices through the database management system. Detailed knowledge of security as it relates to application support. Understanding of security mechanisms with clinical and hospital information systems.
  
  Strong data analytical, critical thinking, reasoning, deduction, inference, and problem-solving skills. Ability to learn new technologies quickly. Proficiency in…