Western & Southern Financial Group

Iam Engineer II

Information Technology
Full Time
Western & Southern Financial Group


Summary of Responsibilities:

Works closely with the Identity & Access Management (IAM) team to develop, build and deliver the future state IAM strategy for the Enterprise. This includes helping define a vision for how identities will be managed across all parts of the business, and how the associated access to systems and data will be maintained. Assists in driving the technical delivery of IAM solutions required to support the needs of the business. Works to understand industry best practices, emerging trends and the latest open source methods that will help address current challenges and enable new ways of delivering value to the Enterprise. Supports senior team members as a consultant to IT project teams and application development teams to provide assistance in their deployment of business and IT applications. Escalates when needed and updates senior team members and Manager on a regular basis.


Position Responsibilities:

  • Supports technical efforts in the maintenance and execution of a multi-year IAM strategic plan that is aligned with business priorities, industry best practices and the enterprise information security strategic plan.

  • Assists in evaluating and implementing IAM products and services required to meet business and technology requirements, which includes directory services (e.g., AD), identity federation (e.g., SAML, SSO and ADFS), Multi-Factor Authentication (MFA), and Identity Management (IdM). Helps develop monitoring and reporting on the health, effectiveness and efficiency of IAM services.

  • Works with senior team members to ensure requirements are gathered, processes defined and use cases documented. Provides configuration and development support. Helps with User Acceptance Testing and bug-related engineering efforts. Participate in all IAM deployment activities. Assist team in providing post production support.

  • Implements scalable access management and identity lifecycle processes for internal (associate) and external (customer, producer and bank channel) identities.

  • Helps identify opportunities for automation and standardization when needed for the user lifecycle provisioning process (requesting, approving, implementing and auditing user access).

  • Works with senior team members in developing integration requirements and design. Helps in integrating applications and third-party products into the IAM platform to utilize provisioning, de-provisioning and user lifecycle management. Assists team by providing technical support and performing operational fixes related to integration code.

  • Assists in the support of the role-based access control (RBAC) model and the development of RBAC processes and procedures. Helps create and maintain role-based access control documentat+C2:C9

  • Administers access rights reviews. Follows up with reviewers to answer questions or provide additional data insight.

  • Supports senior team members in consulting on IT and business projects. Helps consult on access related topics for associates as it relates to onboarding, transfers, etc.

  • Conducts in-depth research to understand industry best practices, emerging trends and the latest open source methods. Provides input to senior engineering team members.

  • Supports senior team members in providing consulting to IT and any associated projects. Helps consult to IT project teams and application development teams to assist in the evaluation and design of their IAM needs.

  • Performs other duties as assigned by management.


Selection Criteria:

  • Demonstrated knowledge in the areas of identity and access management, provisioning and de-provisioning, password management synchronization, authentication, authorization and single sign-on or commensurate experience.

  • Proven experience in working on identity and access management projects.

  • Demonstrated inherent passion for information security and service excellence

  • Proven ability to identify project risks and gaps, developing creative and workable solutions to complex problems and policy issues.

  • Demonstrated strong team player – collaborates well with others to solve problems and actively incorporate input from various sources.

  • Proven strong analytical and problem-solving skills with the ability to grasp new concepts and apply them; effectively evaluates information/data to make decisions; anticipates obstacles and develops plans to resolve.

  • Demonstrated excellent verbal and written communication skills with ability to convey information to internal and external customers in a clear, focused and concise manner.

  • Proven calm and professional demeanor when handling demanding situations.

  • Demonstrated ability to work with a team and multiple stakeholders to provide direction and oversight.

  • Proven self-starter with strong internal motivation.

  • Demonstrated ability to work under multiple deadlines and with minimal supervision.

  • Proven experience in completing assigned tasks accurately and on a timely basis.

Work Setting:

  • This position works in an office setting and remains in a stationary position for long periods of time while working at a desk, on a computer or with other standard office equipment, or while in meetings.

  • Requires visual acuity to read a variety of correspondence, reports and forms, and to prepare and analyze data in an accurate, neat and thorough manner.

  • Continuously makes repetitive motions of the wrists, hands and/or fingers.

Educational Requirements:

  • Bachelor’s degree in computer science, computer engineering, IT or a related technical field, or commensurate selection criteria experience.

Computer Skills and Knowledge of Hardware & Software Required:

  • Knowledge or experience with one or more IAM solutions such as NetIQ Identity Vault, SailPoint Identity Governance, etc.

  • Experience in identity and access governance, including role-based access control (RBAC), user identity lifecycle management and access certification.

  • Understanding of directory services (Active Directory, LDAP, eDirectory).

  • Understanding of federation, SSL, SAML, OAuth, OpenID Connect, and identity governance and administration (IGA) technologies.

  • Understanding of IAM frameworks, practices, systems and controls.

  • Understanding of privileged access management solutions such as CyberArk, Thycotic, etc.

  • Knowledge of multi-factor authentication (MFA) solutions and technologies.

  • Experience with Linux-based and MS Windows-based system platforms.

  • Knowledge of enterprise, network, system and application-level security issues.

  • Scripting skills preferred (examples include Python, Perl, JavaScript, PowerShell).

Certifications & Licenses (i.e., Series 6 & 63, CPA, etc.):

  • Candidate encouraged to hold one or more of the following security certifications: Certified Information Systems Security Professional (CISSP), any GIAC certification or ISACA certifications

Position Demands:

  • Extended hours required during peak workloads or special projects and off-hour support.

  • Occasional travel may be required.


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed

Need help finding the right job?

We can recommend jobs specifically for you! Click here to get started.