AddressRole Description:
As the Identity Engineering Lead, you will be responsible for evolving a complicated global hybrid environment to a cloud first environment by advancing the design and implementing modern comprehensive Identity and Access Management (IAM) and Privileged Access Management (PAM) strategies adhering to company standards and requirements.
This role requires a dynamic and experienced leader to drive excellence in IAM practices, support the team’s growth, and ensure the organization’s identity and access management strategies are robust, secure, and compliant.
The Role:
- Manage all aspects of engineering and operations for Identity and Access Management (IAM), including JML, Access Governance, Entra ID, Active Directory, External Identity, and SSO.
- Maintain the existing Joiner-Mover-Leaver (JML) processes using Microsoft Identity Manager (MIM). Participate in modernizing the JML processes using products like Azure Lifecycle Management.
- Lead the deployment and maintenance of Privileged Access Management (PAM) solutions using CyberArk and Azure Privileged Identity Management (PIM).
- Implement access governance processes using SailPoint to ensure compliance with organizational policies.
- Manage Entra-ID (Azure Active Directory) and on-premises Active Directory environments to ensure secure and reliable directory services.
- Ensure synchronization and integration of directory services to maintain identity consistency. Maintain existing Entra-Connect environment and participate in modernization using products such as Azure Cloud Sync.
- Configure and manage Single Sign-On (SSO) solutions using Entra Enterprise Applications, SAML, and OAuth/OIDC protocols for secure and seamless authentication experiences.
- Drive the organization’s Zero Trust journey by implementing and advocating for Zero Trust principles in IAM practices, ensuring robust verification processes for all users and devices.
- Implement and manage CIAM solutions, including B2C and Entra External Identities, to secure customer identities and enhance user experiences.
- Develop and maintain automation scripts using C# and PowerShell to streamline IAM processes and reduce manual efforts.
Implement automation for routine IAM tasks and integrations with other systems. - Ensure secure network configurations and manage Windows operating systems in the context of IAM.
- Collaborate with network and system administrators to align IAM policies with overall IT infrastructure security.
- Manage IAM-related services and configurations within the Azure environment, ensuring alignment with Azure security and compliance requirements.
- Set team standards of excellence for IAM processes and documentation, ensuring clarity, consistency, and completeness.
- Maintain comprehensive documentation of IAM processes, configurations, and changes.
- Mentor and upskill team members, fostering a culture of continuous learning and improvement.
- Provide guidance and support to help staff with career development and growth within the IAM domain.
- Act as the go-to expert for troubleshooting the most challenging IAM issues, ensuring quick and effective resolution.
- Lead incident response efforts and root cause analysis to prevent future occurrences.
- Lead and participate in IAM project work, ensuring timely and successful delivery of IAM initiatives.
- Collaborate with cross-functional teams to achieve project objectives and enhance IAM capabilities.
- Support staff with career development by identifying opportunities for growth, providing feedback, and facilitating training and development programs.
The Requirements:
- Bachelor’s degree in computer science, Information Security, or a related field or equivalent experience.
- Well experienced in identity management and security, along with some experience in a leadership role.
Technical Skills:
- Strong understanding of IAM and PAM concepts, methodologies, and technologies.
- Proficiency with Entra-ID (Azure Active Directory) and on-premises Active Directory.
- Experience with JML processes, particularly using Microsoft Identity Manager (MIM) and Azure Lifecycle Management.
- Proficiency in Access Governance technologies, including Privileged Access Management (PAM) tools like CyberArk and Azure Privileged Identity Management (PIM), or SailPoint.
- Experience implementing Single Sign-On (SSO) solutions using Entra Enterprise Applications, SAML, and OAuth/OIDC.
- Knowledge of scripting and automation tools, specifically C# and PowerShell, for efficient identity management.
- Strong problem-solving skills and the ability to work under pressure.
- Strong communication and interpersonal skills, with the ability to lead cross-functional teams.
- Proven ability to work in a cross-functional environment with various technical verticals. Partner with other teams such as Architecture, Lines of Business, Information Security, and vendors.
Nice-to-Haves:
- Additional Technical Skills:
- Experience with CIAM solutions, such as B2C and Entra External Identities.
- General knowledge of networking, Windows operating systems, and Azure infrastructure management.
- Experience with other access governance tools like SailPoint.
- Experience mentoring and upskilling team members.
- Demonstrated ability to set team standards of excellence for processes and documentation.
- Proven ability to support staff with career development.
- Experience managing and participating in project work.
Preferred Qualifications:
- Relevant certifications such as CISSP, CISM, or IAM-specific credentials.
- Experience with regulatory compliance frameworks like GDPR, HIPAA, SOC or SOX.
- Advanced degree in related discipline.
Equal Opportunity Employer
At WTW, we believe difference makes us stronger. We want our workforce to reflect the different and varied markets we operate in and to build a culture of inclusivity that makes colleagues feel welcome, valued and empowered to bring their whole selves to work every day. We are an equal opportunity employer committed to fostering an inclusive work environment throughout our organization. We embrace all types of diversity.
At WTW, we trust you to know your work and the people, tools and environment you need to be successful. The majority of our colleagues work in a hybrid” style, with a mix of remote, in-person and in-office interactions dependent on the needs of the team, role and clients. Our flexibility is rooted in trust and “hybrid” is not a one-size-fits-all solution.
