IAM Security Technologist, Progression

Power up a career with us. Our people are our greatest investments. 

 

Be the light to help us keep our customers connected.  If you are interested in a career and not just a position, Tampa Electric is the place to be! Tampa Electric offers competitive pay, a comprehensive benefits package and opportunities for growth and development in a friendly and professional work environment. We embrace diversity and the inclusion of all. We believe our differences, unique perspectives and talents are our strengths and integral to the success of our company.

 

We’re honored to serve approximately 780,000 customers across West Central Florida and safely provide them with clean, affordable and reliable electricity. We’ve been doing it for more than 100 years, and there’s so much more ahead.  

 

Join our team of energy experts as we build on that legacy through innovation, continued solar investments, cost-effective and sustainable energy solutions all while keeping top-notch customer service at the center of all we do. 

 

Tampa Electric is a subsidiary of Emera Inc., a family of energy companies which also includes TECO Peoples Gas and New Mexico Gas Company. Emera provides energy to residential and commercial customers in the United States, Canada, and the Caribbean, with career opportunities available in all of these locations. 

 

 

TITLE:    IAM Security Technologist, Progression
PERFORMANCE COACH:     Lead IAM Security Technologist 
COMPANY:    Tampa Electric Company
DEPARTMENT:    Information Security

 

This position can be hired at different levels within this job family based on Education and year of Experience – Progression.

 

POSITION CONCEPT

This role is responsible for operating the company’s information security systems, ensuring that all procedures are followed on a daily, weekly, and monthly basis.  This position provides expert-level support, within a team environment, for all systems used to secure the enterprise information technology assets.  The scope includes all network infrastructure, operating systems, and web server platforms throughout TECO Energy and its subsidiaries.

The Identity & Access Management (IAM) Technologist is typically responsible for the development and enhancing of IAM systems including SSO, authentication, and access controls ensuring confidentiality, integrity, and availability of IAM systems and data.

IAM Technologists provide IAM Security support for the TECO environment primarily focusing on SAP and Non SAP corporate applications and NERC applications. IAM Technologists will be responsible for adhering to established policies, following best practices, developing and possessing an in-depth understanding of exploits and vulnerabilities, resolving issues by taking the appropriate corrective action, or following the appropriate escalation procedures. IAM Technologists support the enforcement of corporate, regulatory, and risk management policies and assists in developing, maintaining, and publishing corporate IAM security standards, procedures, and guidelines for enterprise computing platforms. Position will be responsible for colloborating with multiple business units across Tampa Electric (TEC), Peoples Gas (PGS), New Mexico Gas (NMG), and Emera. 

 

TITLE:  Associate IAM Security Technologist

PRIMARY DUTIES AND RESPONSIBILITIES 

•    Assist in developing and maintaining a strategic roadmap for Identity and Access Management (IAM) aligned with both business and technological objectives. Collaborate closely with teams including Cyber Security, Human Resources, RPA, and Lines of Business (LoBs) to create efficient and user-friendly IAM solutions. (30%)
•    Assist in designing and implementing access control policies and authorization mechanisms to govern user access to systems, applications, and data. Enforce the principle of least privilege to minimize security risks. (20%)
•    Monitor, respond to security incidents related to unauthorized access attempts and troubleshoot the incidents. (10%)
•    Deploy and manage SSO solutions to enhance user convenience while maintaining security. Integrate applications to enable seamless and secure authentication across multiple systems. (10%)
•    Support the implementation and management of authentication mechanisms, such as multi-factor authentication.(10%)
•    Contribute to incident response activities related to identity and access issues. Work to mitigate and resolve security incidents affecting IAM systems.(10%)
•    Effectively collaborate with both technical and non-technical business owners, showcasing strong interpersonal skills. Actively seek opportunities to optimize the use of IAM toolsets and processes in support of business goals and provide innovative ideas(10%)

SUPERVISION
Direct Supervision:    No direct supervision responsibilities or direct reports.  
Indirect Supervision:        No indirect supervision responsibilities.

QUALIFICATIONS/EXPERIENCE
Education
Required:     Bachelor’s Degree in Computer Science, Information Systems or other I.T. related field of study, AND 2+ years of  IAM or SAP security experience OR 3+ years of SAP security experience.

Supervisory Experience
Required:    Not required

 

Knowledge/Skills/Abilities (KSA) 
Required:
•    Understanding of RBAC roles, including their assignment, coupled with a practical grasp of authorization object concepts. 
•    Knowledge of the identity lifecycle management by designing workflows for user onboarding, offboarding and changes.
•    Understanding of developing scripts, connectors, or custom code to enhance IAM functionality and address specific requirements. 
•    Knowledge of position-based security and how roles are assigned to positions on the org structure. This includes advanced troubleshooting of access issues related to position-based security
•    Good knowledge of how structural authorization is used via the org structure to restrict access to HR data. Authorizations are based on a user’s position within the org structure. Should also have advanced knowledge of the other configuration, organizational structure and structural profile considerations, which govern what users, can do & on what HR data they can operate
•    Good knowledge of the use of reporting tools and privileges concepts  
•    Knowledge of customizing IAM solutions to align with specific business needs and processes and Integrate IAM systems with other applications, directories, and platforms.
•    Good knowledge of reporting tool security as it relates to securing access to various reports, applications, connections, WEBI's, performing certain functions within certain related objects along with creating users. 
•    Good understanding of established system security control policies as it relates to GRC. Ability to analyze application authorization/privileges assignments and segregation of duties (SOD) conflicts, works with internal audit and compliance teams to resolved identified violations. Functional knowledge and implementation experience of GRC Access Control
•    Working knowledge of the processes that ensure compliance with NERC, CIP, SOX ,NIST and PCI;

TITLE:  IAM Security Technologist

•    Develop and maintain a strategic roadmap for Identity and Access Management (IAM) aligned with both business and technological objectives. Collaborate closely with teams including Cyber Security, Human Resources, RPA, and Lines of Business (LoBs) to create efficient and user-friendly IAM solutions. (30%)
•    Design and implement access control policies and authorization mechanisms to govern user access to systems, applications, and data. Enforce the principle of least privilege to minimize security risks. (20%)
•    Design, implement, and maintain IGA processes, including role-based access control (RBAC), certification, and compliance monitoring. Conduct regular access reviews and audits to ensure compliance with policies and regulations. (20%)
•    Enforce security policies related to authentication, password management, and session management. Monitor,respond to security incidents related to unauthorized access attempts and troubleshoot the incidents. (10%)
•    Deploy and manage SSO solutions to enhance user convenience while maintaining security. Integrate applications to enable seamless and secure authentication across multiple systems. (10%)
•    Effectively collaborate with both Technical and Non-technical business owners, showcasing strong interpersonal skills. Actively seek opportunities to optimize the use of IAM toolsets and processes in support of business goals and provide innovative ideas(10%)

SUPERVISION
Direct Supervision:    No direct supervision responsibilities or direct reports.  
Indirect Supervision:        No indirect supervision responsibilities.

        
QUALIFICATIONS/EXPERIENCE
Education
Required:     Bachelor’s Degree in Computer Science, Information Systems or other I.T. related field of study, AND 5+ years of IAM Security Technologist experience OR 7+ years of SAP security experience.

Supervisory Experience
Required:    Not required

 

Knowledge/Skills/Abilities (KSA) 
Required:
•    Very good understanding of RBAC roles, including their assignment, coupled with a practical grasp of authorization object concepts. 
•    Advance knowledge of the identity lifecycle management by designing workflows for user onboarding, offboarding and changes.
•    Understanding of developing scripts, connectors, or custom code to enhance IAM functionality and address specific requirements. 
•    Advance knowledge of position-based security and how roles are assigned to positions on the org structure. This includes advanced troubleshooting of access issues related to position-based security
•    Understanding of how structural authorizations use the org structure to restrict access to HR data based on a user’s position within the org structure
•    Understanding of how analysis authorizations work
•    Understanding BOBJ security as it relates to securing access to various reports & creating users
•    Understanding of the SAP portal architecture and user administration and how it handled through portal frontend
•    Understanding of established system security control policies as it relates to GRC. Responsible for the day-to-day security administration and maintenance including tasks such as creation of roles, profiles, IDs and provisioning of user access
•    Understanding of SAP security and authorization duties, including Portal Roles, Single-Sign-On, Directory services, and securing Internet Transaction Server / web services

 

TITLE:  Sr IAM Security Technologist

PRIMARY DUTIES AND RESPONSIBILITIES 
•    Develop and maintain a strategic roadmap for Identity and Access Management (IAM) aligned with both business and technological objectives. Collaborate closely with teams including Cyber Security, Human Resources, RPA, and Lines of Business (LoBs) to create efficient and user-friendly IAM solutions. (20%)
•    Design and implement access control policies and authorization mechanisms to govern user access to systems, applications, and data. Enforce the principle of least privilege to minimize security risks. (20%)
•    Design, Implement and maintain IGA processes, including role-based access control (RBAC), certification, and compliance monitoring. Conduct regular access reviews and audits to ensure compliance with policies and regulations. (20%)
•    Enforce security policies related to authentication, password management, and session management. Monitor,respond to security incidents related to unauthorized access attempts and troubleshoot the incidents. (10%)
•    Serve as Subject Matter Expert (SME) for audit, compliance, and regulatory efforts pertaining to IAM, SOX, and PII through investigating, documenting, and reporting to management. (10%)
•    Deploy and manage SSO solutions to enhance user convenience while maintaining security. Integrate applications to enable seamless and secure authentication across multiple systems. (10%)
•    Effectively collaborate with both Technical and Non-technical business owners, showcasing strong interpersonal skills. Actively seek opportunities to optimize the use of IAM toolsets and processes in support of business goals and provide innovative ideas(10%)

 

SUPERVISION
Direct Supervision:    No direct supervision responsibilities or direct reports.  
Indirect Supervision:        No indirect supervision responsibilities.

QUALIFICATIONS/EXPERIENCE
Education
Required:     Bachelor’s Degree in Computer Science, Information Systems or other I.T. related field of study AND 7+ years of direct IAM security experience OR 10+ years of direct SAP security experience.

Supervisory Experience
Required:    Not required

Knowledge/Skills/Abilities (KSA) 
Required:

•    Proficient understanding of RBAC roles, including their assignment, coupled with a practical grasp of authorization object concepts. 
•    Advanced knowledge of the identity lifecycle management by designing workflows for user onboarding, offboarding and changes.
•    Advanced understanding of developing scripts, connectors, or custom code to enhance IAM functionality and address specific requirements. 
•    Advanced knowledge of position b ased security and how roles are assigned to positions on the org structure. This includes advanced troubleshooting of access issues related to position-based security
•    Advanced knowledge of how structural authorization is used via the org structure to restrict access to HR data. Authorizations are based on a user’s position within the org structure. Should also have advanced knowledge of the other configuration, organizational structure and structural profile considerations, which govern what users, can do & on what HR data they can operate
•    Advanced knowledge of the use of reporting tools and privileges concepts  
•    Advance knowledge of customizing IAM solutions to align with specific business needs and processes and Integrate IAM systems with other applications, directories, and platforms.
•    Advanced knowledge of Reporting tool security as it relates to securing access to various reports, applications, connections, WEBI's, performing certain functions within certain related objects along with creating users. 
•    Advanced knowledge of the SAP portal architecture and user administration and how it handled through portal frontend along with troubleshooting knowledge of said architecture. Perform SAP security and authorizations duties, including Portal Roles, Single-Sign-On, Directory services, and securing Internet Transaction Server / web services
•    Advanced knowledge of established system security control policies as it relates to GRC. Ability to analyze application authorization/privileges assignments and segregation of duties(SOD) conflicts, works with internal audit and compliance teams to resolved identified violations. Functional knowledge and implementation experience of GRC Access Control
•    Working knowledge of the processes that ensure compliance with NERC, CIP, SOX ,NIST and PCI;

 
WORKING CONDITIONS 
Normal working condition with occasional weekend and overtime requirements, including on-call rotational support

PHYSICAL DEMANDS/ REQUIREMENTS 
Normal physical demands related to an office workplace environment
 

 

TECO offers a competitive Benefits package!!

 

Competitive Salary *401k Savings plan w/ company matching * Pension plan * Paid time off* Paid Holiday time * Medical, Prescription Drug, & Dental Coverage  *Tuition Assistance Program * Employee Assistance Program * Wellness Programs * On-site Fitness Centers * Bonus Plan and more!