Dev SecOps (Azure)

The Sr. Security Engineer – IAM role is responsible for designing, implementing, and

maintaining robust security solutions that ensure the integrity, confidentiality, and availability of

our organization's IAM and Directory Services infrastructure. This role serves as a technical

subject matter expert in identity management and authentication technologies within a hybrid

infrastructure.

This role will collaborate with cross-functional teams to assess security requirements, develop

strategies, and architect solutions that align with industry best practices and regulatory

compliance. The individual must be a motivated team player with a positive attitude, solid

interpersonal skills and someone who can quickly take ownership within their area. The

individual must be hands-on, work under minimal supervision and can work in a fast-paced

environment.

Requirements

Identity and Access Management (IAM) Role:

IAM Strategy Development and Implementation:

● Articulate and execute the organization's IAM strategy, emphasizing user

provisioning, robust access controls, and advanced authentication mechanisms.

● Design and deploy IAM frameworks that correlate with business requirements and

adhere to regulatory compliance standards.

● Specify requisite controls and processes for efficient management of user identities,

role assignments, and access privilege administration.

IAM Model Design and Management:

● Devise strategies such as Access Lifecycle Management, Role-Based Access

Control (RBAC), and Attribute-Based Access Control (ABAC) to streamline user

entitlements.

● Implement and perform ongoing management of privileged access management

(PAM) solutions to control administrative access.

● Design, implement, and maintain IAM solutions like identity lifecycle management,

single sign-on (SSO), and federation services.

● Govern identity repositories like directories and identity providers, ensuring seamless

integration with diverse systems for efficient user authentication and authorization.

● Innovate innovative Identity Management solutions to address B2B and B2C IAM

demands.

IAM Policy and Procedure Enforcement:

● Collaborate with stakeholders to establish and enforce IAM policies, standards, and

procedures.

● Coordinate with product owners and engineering teams to execute identity

provisioning features like access termination, access request and fulfillment.

● Regularly identify and propose enhancements to optimize IAM functions.

General IAM Responsibilities:

● Serve as a subject matter expert (SME) on PAM authentication platform

configurations.

● Drive self-service and automation initiatives to transform PAM provisioning and

lifecycle management for a superior user experience.

● Ensure PAM system architectures align with organizational standards, goals, and

objectives.

Lead and participate in vendor evaluations and selection for provisioning platforms and other

IAM-related disciplines.

Security Architecture and Engineering Role:

Active Directory / Directory Services (AD / DS):

● Design and implement enterprise-level designs for Active Directory in alignment with

a “cloud-first” strategy.

● Secure and harden Active Directory Services, ensuring compliance with best

practices and CIS security controls using Group Policies and other tools.

● Develop, test, deploy, and document security controls for the AD environment,

serving as a technical point for AD security concerns.

● Evaluate existing AD Infrastructure and Security standards and contribute to defining

future architecture.

● Manage and support Active Directory domain services and federation services for

internal and DMZ domains.

● Govern AD rights management practicing the principles of least privilege.

● Provision, configure, operate, and maintain AD DS hardware, software, and related

infrastructure. Manage integration of AD DS and Azure AD to support hybrid identity.

General Security Tasks:

● Manage policies and application configurations in assigned technical security

platforms (e.g., Mimecast, Okta, Azure, M365).

● Document and present technical architectures and designs, focusing on standards,

growth, performance, reliability, scalability, and security.

● Conduct technical R&D for continuous innovation within security infrastructure.

● Ensure system hardware, operating systems, software systems, and procedures

align with organizational policies and standards.

Perform root cause analysis, debugging, support, and post-mortem evaluation for service

interruptions, when necessary.

Metrics and Mitigation:

Develop and regularly report on security metrics, proposing improvement actions when needed.

Additional Responsibilities:

● Communicate and collaborate effectively with team members across various

organizational levels.

● Participate in vendor evaluations and selections for provisioning platforms and related

disciplines in Access Governance.

● Lead, coach, and mentor team members on technical matters, project management,

task prioritization, and strategic planning.

Benefits

The SecOps Engineer will be based remotely. Compensation commensurate with experience and candidate potential.

Company benefits include:

• Paid time off
• English classes
• U.S. Holidays
• Training
• Udemy free Premium access
• Mentored career development
• U$S Remuneration