Lead Cloud IAM Engineer

About The Job:

We are seeking a Lead Cloud IAM (Identity and Access Management) Engineer, who will play a crucial role in securing our organization's cloud identities. This role demands deep expertise in Cloud and IAM technologies, tools, and methodologies, and a proven track record in designing and securing complex systems. The successful candidate will keep abreast with the latest industry trends and regulatory compliance requirements, ensuring our IAM practices within the cloud align with these standards.  

This role will be a leader within the Cloud IAM team and play a critical role in how we approach securing our cloud environment in partnership with stakeholders across the enterprise. Owning and driving the maturity of our cloud identity strategy will be a key focus for this role. If you're a forward-thinking leader with a strong foundation in Cloud and IAM with a desire to work in a fast-paced, dynamic environment, we encourage you to apply! 

What You'll Do:  

• Works under minimal supervision within the Cloud domain within the IAM Department on larger and complex projects 

• Able to perform the most advanced development tasks within their domain independently but may need assistance from others when working outside of their IAM Domain 

• Handles very high complex issues independently but may need assistance from others on team for more the most complex issues 

• Has a solid understanding of general security frameworks and delivery models 

• Begins to master multiple IAM Domains 

• Defines how Identity & Access Management and tools should be used within their IAM Domain(s) 

• Contributes to overall IAM Strategy for domain(s) they represent 

• Defines knowledge of engineering best practices within their IAM Domain(s) 

• Has an advanced understanding of Identity & Access Management outside of their IAM Domain and how their work impacts others. 

• Leads the architecture of IAM solutions, considering scalability, security, and usability requirements within their domain(s) 

• Stays updated with the latest IAM technologies, trends, and emerging threats, and proactively implement necessary measures to mitigate risks. 

• Leads collaboration with third-party vendors and partners to evaluate IAM tools and services 

• Advanced skills of requirements gathering and seeing through the eyes of the customers and aligns technical objectives to business objectives 

• Able to troubleshoot or analyze the most advanced process issues, identify cause, and recommend efficiencies or provide formal reporting 

• Provides recommendations to higher level staff of how to resolve new or complex issues 

• Provides technical leadership, guidance, and mentorship to their IAM Domain and more junior IAM personnel outside of their domain 

• Exhibits appetite for continuous learning and improvement  

What You'll Bring to the Role:

• Bachelor's degree in Cyber Security, Computer Science, Information systems or equivalent work experience in the IT field, with at least a portion of that time in Security related position 

• 6-8 years of professional experience required 

• Experience architecting and securing enterprises within public cloud environments, AWS preferred

• Experience in the following domains: Directory Services (SSO/Federation, Active Directory, Azure, AWS), Identity Governance & Administration (Sailpoint IIQ, Access Certifications), Privileged Access, Client Identity and Access Management 

• *Relevant certifications such as CISSP, CISM, or similar certifications are highly desirable 

Skills You Have:

• Access Management Tools & Technologies: Utilizes various Access Management tools, including some but not all tools such as Okta/Auth0, Microsoft Azure Active Directory, Directory Services, SailPoint, Resource Access Control Facility (RACF), CyberArk/HashiCorp Vault, Azure, AWS, etc.
• Cloud Deployment Models: Contributes to Northwestern Mutual's overall cloud business strategy via various use cases, value and strategies for private, community, public, and hybrid deployment models.
• DevSecOps: Applies continuous integration and delivery to implement applications and services at a higher velocity and introduces security into the development process. Utilizes DevOps mindset to shift security and vulnerability approach and ensure that applications are secured and address OWASP (Open Web Application Security Project) standards and stays up to date on enterprise DevSecOps updates and standards.
• Identity Protocols: Utilizes identity protocols such as, SAML, OAuth, OpenID, LDAP, and Kerberos to provide strong authentication for network resources, including devices, applications and databases.
• Security Practices: Undertakes best practices of technologies, policies, and processes designed to protect networks, devices, programs, and data from attack, damage, or unauthorized access.
• Strategic Vision & Planning: Develops, defines, and executes strategic vision for the team and business function they manage with an understanding of the enterprise’s goals as a people manager; defines business planning, strategy formulation, and management engine to support strategic vision.
• Technical Problem Solving: Conducts in-depth analysis of technology needs, issues, and roadblocks within assigned scope, applies best practice based on experience and expertise, explores the “art of possible”. Solves problems effectively and gains alignment on the path forward. Defines, understands, and documents what is being solved for.

#LI-Hybrid