Senior IAM Engineer

The Engineer for the Identity & Access Management  (IAM) function is responsible for identifying, delivering and supporting the technology used to deliver Sidley’s overall Identity & Access Management program, which is designed to ensure the Firm’s user identities, accounts, credentials and system access are fully and completely managed for all system users. The Engineer is responsible for the current technology in place (Okta Verify/SSO, Microsoft/Azure AD, CyberArk, etc) and ensuring successful operations, interoperability and general well-being.  S/he works proactively with IAM Manager, IAM senior technical staff and various IT and business departments to implement services that meet Sidley’s current and future IAM needs.

The IAM Engineer  is a proven technologist and a hands on problem solver, as well as, an effective internal consultant, who will regularly advise others on access and security/risk related issues. S/he must possess domain competencies in a number of related  disciplines, including security, risk, access control, overseeing Active Directory (on premises and Cloud based) authentication, multi factor authentication and entitlements reviews.

• Work with the IAM Manager to build out and oversee the IAM function’s technical controls and its related activities including planning, testing, reporting and delivering IAM services.
• Oversee the implementation of all current solutions to ensure they are configured appropriately and are delivering maximum value for the Firm. Review current documentation such as Procedures, run books, and Knowledge Base Articles used by the Service Desk. Review and/or establish Best Practices where applicable
• Engage and interact with other IT Departmental Engineers to ensure future efforts (ours and their’s) result in continued uninterrupted delivery of all IAM services.
• Demonstrate extensive understanding of IAM concepts such as directory services, SSO, federation, MFA, provisioning, access certification, roles and SOD.
• The analysis, design, implementation, and maintenance of all layers of IAM applications, including Authorization / Authentication and Account Creation / Management / Provisioning / Retirement in data repositories. Including; strategy, organizational design, process re-engineering and technology implementation.
• Drive technology discussion and strategy in line with business needs to develop technology roadmap, including presentation of complex technical materials in simplified terms for non-technical audience.
• Functional areas and work experience should include; fine-grained access control, policy driven security, Identity Governance, Access Management, and Privileged access management, user provisioning/de-provisioning, and federation.
• Provide support with respect to requirements gathering, project management and delivery of one or more Identity platforms, such as SailPoint (Identity IQ), Okta, and Saviynt.
• Serve as the central point of contact for information security and IAM policy and process related issues.
• Address Vulnerabilities, Pentest findings and audit issues in a timely manner.
• Support Governance, Risk & Compliance (GRC) and Disaster Recovery (DR) efforts and initiatives.
• Participate in a 24x7x365 on-call rotation
• Stay abreast of industry trends, solution landscape and market conditions and update peers and management accordingly.
• Other duties, as assigned.

To perform this job successfully, an individual must be able to perform the Duties and Responsibilities (Duties) above satisfactorily and meet the requirements below. The requirements listed below are representative of the minimum knowledge, skill, and/or ability required. Reasonable accommodations will be made to enable individuals with disabilities to perform the essential functions of the job. If you need such an accommodation, please email staffrecruiting@sidley.com (current employees should contact Human Resources). 

Education and/or Experience: 

• Bachelor's degree or equivalent combination of education and/or experience.
• Minimum of 5 years of experience in Technical IAM related roles, ranging from technical tool selection, implementation and operations. Cloud based and cloud adoption a must.
• Hands-on technical experience in systems integration or software engineering of identity and access management (IAM) solutions (such as BeyondTrust, Delinea, Okta, SailPoint, Saviynt, Active Role Server etc.)
• Experience with Linux/Unix, Windows, scripting (with programming languages such as Bash, PowerShell, Perl, or Bash), SQL, LDAP, and web services
• Expertise with Microsoft Active Directory (Azure AD) and GPO management, AD Domain Controller Monitoring on Windows Desktop and Server environments.
• Experience with IT Security and Governance Risk and Compliance functions and their needs.
• Working knowledge of IT management frameworks such as Control Objectives for Information and Related Technology (COBIT) and/or Information Technology Infrastructure Library (ITIL).
• Experience developing, deploying, integrating and supporting IAM services within a larger IT organization showcasing strengths in teamwork and establishing successful partner ships.

Preferred:

• Multiple years of Legal Industry or Financial Services experience
• Experience with one or more programming languages such as Java, C#, C/C++, Python, or JavaScript
• Experience initiating new technologies and delivery high level services
• Experience interacting with senior/executive members and presenting material in a simple straight forward manner
• Industry specific training or certification

Other Skills and Abilities:

• Strong organizational skills
• Strong attention to detail
• Good judgment
• Strong interpersonal communication skills
• Strong analytical and problem solving skills
• Able to work harmoniously and effectively with others
• Able to preserve confidentiality and exercise discretion
• Able to work under pressure
• Able to manage multiple projects with competing deadlines and priorities

Sidley Austin LLP is an Equal Opportunity Employer