Identity and Access Management Engineer III

The Identity and Access Management Engineer III position will provide thought leadership, strategic guidance, design consultation, project planning and implementation readiness assistance for our IAM program, which is now heavily influenced by a role based access control (RBAC) platform. This role will focus on understanding the current IAM landscape along with the ACA's short, medium- and long-term requirements and help develop a roadmap for the department into the future., * Privileged Access Management [PAM]

• Assist with implementing a new Privileged Access Management (PAM) software and be a subject matter expert regarding the PAM software and capabilities to the organization.

• Identity & Access Management [IAM]

• Oversee IAM development and implementation efforts on major projects. Identify and document minimum necessary permissions and entitlements for all ACA users by using roles based on job title.
• Liaison with HR, Hiring Managers, and Infrastructure regarding Onboarding processes and procedures
• Manage end user Accounts & Credential Lifecycles
• Support enterprise rollout of IAM initiatives and services (SSO, LDAP, SAML, etc)

• Amazon Web Services [AWS] IAM

• Liaison with Architect & Developers for any AWS IAM role creations/edits/audits
• Technical Writing
• Develop/update policies, processes, protocols, and standards for the design, implementation, maintenance, and support of various enterprise PAM security and identity tools.
• Develop/update technical process & procedural documentation as needed
• Develop/update any training documentation as needed
• Collaborate on any Standard Operating Procedures, Runbooks, and Statements of Work as needed

• Resolve complex technical issues related to security and user access.
• Participate in user and access security, audit, and compliance investigations.
• Ensure all ACA systems, networks, and processes adhere to a layered security platform, follow NIST best practices, as well as Access security methodologies
• Partner with internal departments as Information Security Subject Matter Expert [SME] to ensure layered security and address any security concerns for new ACA products/services.
• Serve as a liaison to technical and business users to ensure requirements are understood and interpreted correctly.
• Identify and manage existing and emerging risks that stem from identity and access management functions.
• Augment and enhance user, role, and permissions audits.
• Participate in enterprise roadmap discussions and feature requests as they relate to identity and access management functions.
• Collaborate with peers to tune and enhance information security as it relates to identity, access, and privileged access management.

Activities will require interaction with PAM Software, Onboarding, Active Directory, Azure, IAM software, Department Managers, AWS, and Offboarding. The position utilizes one-on-one consultancy to end users and ACA IT and HR staff. The position's responsibilities require excellent written & verbal communication, team-oriented work ethics and problem-solving skills., * Experience working with IAM and PAM technologies in an implementation or designer role.

• Solid understanding of RBAC, and its applicability in large, regulated environments.
• Advanced Knowledge of Identity & Access Management End User Accounts & Authorization, Authentication and Credential Lifecycle
• Advanced Knowledge of single-sign-on, federation, and multi-factor authentication tools and services.
• Knowledge of Active Directory and Azure Active Directory
• Knowledge of network and host-based security, applications and data security
• Knowledge of Atlassian JIRA ticketing system
• Ability to understand and translate technical terminology and/or aspects of projects/tasks.
• Excellent technical investigation and problem-solving skills.
• Ability to work alone and in a team setting.
• Good verbal and written communication skills with a strong customer service orientation.
• CompTIA Security+ certification is a plus
• AWS Cloud Practitioner certification is a plus

Supervisory Responsibility This position has no supervisory responsibilities.

ACA provides equal employment opportunities (EEO) to all applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws. ACA complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.