Job description / Role
The Identity and Access Management engineering position requires a passion for building and implementing security and identity management in a fast-paced environment. It will involve all technical aspects of identity and access management and require participation in project-oriented work. This position provides the opportunity to participate in multiple areas of IT infrastructure to develop and implement identity and access solutions for our environment without diminishing productivity.
• Leverage expertise in access role development and maintenance, and in defining application-level roles or groups and permissions, to ensure secure authentication and authorization mechanisms are aligned with policies and standards.
• Implement processes and technologies to meet the Role Based Access Control (RBAC) needs within an Identity and Access Management (IAM) framework.
• Present findings and recommendations to key stakeholders in order to implement an RBAC framework.
• Ensure identity and access management infrastructure is running optimally and effectively. Develop and maintain technical solutions for the ongoing improvement of identity life cycle management.
• Manage IAM log data, including configuring log sources, dashboards, rules, and reports in the log analysis service.
• Work with business and solution owners to identify and maintain user role definitions.
• Foster close working connections with staff and management to ensure the secure design and operations for applications and infrastructure while acquiring and retaining comprehensive working knowledge of all infrastructure and related systems.
• Promote IAM and secure practices. Support ongoing and new IAM, security and compliance initiatives.
• Identify, deploy & integrate IAM & related technologies. Promote functional & operational improvements based on detailed knowledge of applications & systems security capabilities. Improve efficiency by automating & orchestrating repetitive/manual tasks.
• Perform other related duties as assigned.
• Bachelor's Degree
• Bachelor’s degree in a related field or equivalent experience.
• Extensive experience with AD, LDAP, two-factor, SAML and other authentication technologies.
• Experience using and managing open source technologies without vendor support.
• 4 or more years security or IAM related experience.
• Experience with Ruby, Python, PHP, PowerShell, SQL, and/or shell scripting.
• Experience with administering authentication technologies such as Microsoft Active Directory, Sun LDAP, UnboundID LDAP, Shibboleth, SimpleSAMLphp, Kerberos, OpenID Connect, OAuth, and federated identity management.
• Understanding of virtualization and cloud (SaaS, PaaS, IaaS) technologies and the ability to make recommendations on using them securely would be an advantage
• Previous experience within Information Technology at an Academic Institution and knowledge of regulatory requirements (HIPAA, FERPA, etc.) desirable
• Experience working with multidisciplinary teams and with a Project Management Office desirable
• Knowledge of technologies at all layers of the OSI model (layers 1 through 7) would be an advantage
• Familiarity with SharePoint, Box, Dropbox, Confluence (wiki), ServiceNow, or a similar documentation storage and management system is an advantage
Knowledge, Skills and Abilities
• Strong problem-solving and decision-making skills
• Ability to explain in detail how networking protocols (TCP/IP) and service protocols (HTTP, HTTPS, SSL, SSH, SMTP, SAML, DNS) function
• Excellent written and verbal communication skills, on both technical and nontechnical topics
• Ability to create and present diagrams and reports for technical and non-technical audiences.
• Ability to think outside of the box in terms of designing systems and solutions.
• Must be able to work in a very demanding and high-pressure environment.
• Ability to produce professional-level documentation and reporting using Microsoft Office.
• Fluency in navigating and using Mac OS and Linux and/or Windows
Working Conditions/Physical Demands
• Ability to deliver under tight deadlines and work out of hours as needed
About the Company
Founded in 1898 and affiliated with what is now New York-Presbyterian Hospital (NYPH) since 1927, Weill Cornell Medicine-Qatar (WCM-Q) is one of the top-ranked clinical and medical research centers in the U.S. It is committed to excellence in research, teaching and patient care, and the advancement of the art and science of medicine.
In addition to the degree in medicine, Weill Cornell offers PhD programs in biomedical research and education at the Weill Graduate School of Medical Sciences; a joint MD-MBA program with Cornell's Johnson School of Management; and a joint MD-PhD program with Rockefeller University and Sloan-Kettering Institute.