Associate, Identity & Access Management (IAM) Engineer

BAIN CAPITAL OVERVIEW

Bain Capital, LP is one of the world’s leading private multi-asset alternative investment firms with approximated $185 billion of assets under management that creates lasting impact for our investors, teams, businesses, and the communities in which we live. Founded in 1984, we pioneered a consulting-based approach to private equity investing, partnering closely with management teams to offer the insights that challenge conventional thinking, build great businesses, and improve operations. Over time, we have organically expanded this approach across asset classes to build one of the strongest alternative asset platforms in the world. 

DESCRIPTION

The Identity and Access Management (IAM) Engineer will be responsible for the management of the company’s existing IAM and Privilege Access Management (PAM) systems; Okta and Delinea. This role will involve working closely with various departments and stakeholders to ensure secure and efficient access to resources, compliance with security policies, and continuous improvement of IAM and PAM best practices. We are looking for a highly passionate, proactive, and driven individual to join our high performing Information Security team.

• Solid understanding and working knowledge of IAM & PAM environments.
• Manage, operate, and oversee the IAM and PAM programs including technology solutions, architecture, standards, and procedures.
• Continue to mature the existing IAM and PAM programs, providing input and ideas into strategies and areas for program improvement. 
• Support the IAM and PAM infrastructure, including fixes and  upgrades to servers and agents.
• Support the onboarding of new SSO integrations and provide input on integrating the IAM framework into new and existing applications.
• Monitor and manage the overall health and functionality of the IAM and PAM systems.
• Work with Information Security teams to ensure that access management application usage and activity data is available for analysis and reporting.
• Perform regular reviews, maintenance, and configuration of IAM and PAM systems.
• Work with application support teams during troubleshooting of application authentication and authorization issues.
• Provide subject matter expertise in the development of technical documentation necessary for supporting the IAM and PAM environments.
• Participate in defining the roadmap, architecture, and standards for the IAM and PAM platforms.
• Exposure to data processing, hardware platforms, enterprise software applications, and outsourced systems.
• Good understanding of computer systems characteristics, features, and integration capabilities.

KEY RESPONSIBILITIES, MAJOR TASKS

Responsibilities include the following tasks:

• Lead deployment, configuration and architecture of security controls and tools to ensure the ongoing security of digital assets.
• Partner with other team members and peers in IT in designing security architecture and establishing desired configuration and policies for security technologies.
• Research, evaluate, and recommend security products, services, and standards to assist with the continued development of the overall IAM/PAM programs.
• Partner with IT staff members to provide technical security guidance and recommendations.  
• Participate in the development and tracking of key performance indicators (KPIs) related to security controls and overall posture.
• Develop and maintain documentation, playbooks and procedures for the IAM Engineer role.

GENERAL QUALIFICATIONS/REQUIREMENTS

• General knowledge and understanding of local area networks, firewalls, Active Directory, scripting, vulnerability scanning, encryption, web filtering, LDAP, multi-factor authentication systems, identity and access management systems, exploits and hacker techniques, and basic network and operating system security principles.
• Extensive experience with Delinea and/or Okta a plus.

• Bachelor’s Degree in Computer Science, MIS, Information Security or related technical field a plus.
• A drive to support activities that foster information security awareness across the organization.
• Experience with Windows, Mac OS and Unix/Linux operating systems.
• Previous hands-on experience with Okta, Delinea, AWS Identity, ,  Splunk, Netskope and Proofpoint a plus.
• Cloud security architecture knowledge is highly desirable (AWS or Azure).
• Knowledge of and practical experience with the MITRE ATT&CK framework a plus.
• Desire to achieve technical certifications such as CISSP, GIAC, CISA, CISM or similar.
• Maintains current skills through self-directed professional development reading, developing professional contacts with colleagues, attending professional development courses, training & conferences and obtaining relevant certifications.
• Excellent written and verbal skills, interpersonal and collaborative skills, and the ability to communicate security concepts to technical and non-technical audiences.
• Minimum of 2-4 years of experience in an Information Security role with working experience in Identity & Access Management and/or Priviledge Access Management.