Principal Engineer for Identity and Access Management

Our insurance client is looking for a Principal Engineer for Identity and Access Management. The Principal Engineer for Identity and Access Management will be a key technical lead and a member of a diversified team of security technology professionals. In this role, you will be working as a hands-on security expert in the areas of Identity and Access Management. The technologies you would be primarily responsible for include but are not limited to Identity Governance & Administration, Risk-Based Authentication, Password less Authentication, Privileged Access Management, Active Directory Security, etc. You will have the opportunity to work with cutting-edge technologies to tackle advanced security threats in a collaborative, agile environment. The ideal candidate has extensive knowledge in areas such as Identity Governance and Administration, Access Management, and/or Privileged Access Management. This position operates remotely on EST hours, but you must be willing to occasionally travel to Orlando, FL.

• Design and develop security architecture and solutions in the area of Identity Governance & Administration (Sailpoint), Risk-Based Authentication (Okta), Passwordless Authentication (Okta), Privileged Access Management (CyberArk, BeyondTrust, Thycotic, etc.), Active Directory Security, etc.
• Provide technical expertise and real-life experience in creating solutions, designs, proof of concept, and implementation.
• Maintain and support integrations with enterprise applications and platforms.
• Lead transformation workshops across security, network, application, authentication, and Enterprise Architecture teams to challenge, design, and plan for the next-gen Zero Trust model using IAM technologies.
• Provide engineering and technical guidance for supporting the automation of interacting with security tools and services that support the IAM program.
• Collaborate with cross-functional teams and regularly articulate and communicate to diverse audiences and correctly translates security and risk management terminology into business terms, and recommend solutions to these stakeholders.
• Helps coordinate and drive remediation of identified risks and control deficiencies.
• Contributes to general enterprise architecture framework and strategy development and enhancements.
• Attend and participate in application projects and change management committee meetings. This includes interacting with business units and technical teams to understand what is coming and how projects can be more secure from the beginning to build a secure-by-design approach.
• Should have the ability to work in a distributed team environment where team members are spread across numerous locations and often communicate virtually to support.
• Remain current with new security threats and assess systems to ensure they can defend the business.

• Minimum of 10 years' experience in the area of Information Security domain
• 5+ years of experience in at least one of the following: JavaScript, Java, TypeScript, SQL, Python
• Should have sound knowledge of protocols / standards like OpenID Connect, OAuth2, MFA, SAML, Kerberos, and LDAP
• Should have knowledge and experience in Defense in Depth model and Zero Trust architecture
• Should be well-versed with Cloud technologies, especially Azure
• Preferred candidates with knowledge of security frameworks such as CIS, NIST CSF, etc., that inform risk and design
• Should have experience working with products such as Sailpoint, Okta, CyberArk, Active Directory, etc.
• Must be willing to handle hand on the role and flexible with non-business hour support as and when required
• Good to have cybersecurity certifications such as Security+, CISSP, CISM, CCSP, etc.