The Opportunity
The Enterprise Technology Experience organization seeks an experienced and detail-oriented Identity and Access Engineer who can assist with designing and developing the Identity and Access Management environment (IAM).
This is an opportunity for you to work in a fast paced, innovative, and collaborative environment on exciting technology directives, directly impacting the way security is integrated into daily business processes.
Ideally, you will have a deep understanding of identity lifecycle management, directory services, authentication protocols, and modern IAM platforms.
The Team
This role is a part of the IAM Engineering Team, which is a strategic arm of our Security Platform Engineering organization, and is crucial for maintaining strong security, compliance to security controls, and assisting with operatonal efficiency.
This group is responsible for building and maintaining the core identity platforms for MassMutual, as well as designing and deploying strategic solutions that will enable access controls to be embedded into strategic business processes.
The Impact
As an IAM Engineer, you will be responsible for leading project delivery work, partnering with enterprise and solution architects to design and deploy secure solutions, assisting IAM operational support teams as needed for troubleshooting.
You will partner with vendors to solve strategic challenges that align with enterprise roadmaps and will have an opportunity to utilize your experience and expertise to improve existing processes, patterns, and infrastructure.
*** This position can be located in our Springfield, MA, Boston, MA, or NYC office.
The Minimum Qualifications
8+ years experience in the following areasweb infrastructure and web infrastructure design conceptsworking with Federation services and Certificate managementworking with protocols such as SAML and OIDCworking with Linux and Windows operating systems supporting Directory Services (such as Ping, AD, Okta, Entra, etc.)with documentation and demonstrated ability in operational hand offworking on Security and Operation Incident objectivesin audit remediation and mitigationssupporting complex environmentsdesigning, implementing, deploying, and maintaining IGA solutions such as SailPoint, Saviynt, Oktawith Identity Lifecycle Management, Access Reviews, Intelligence (Analytics), Roles and Rules management, and Segregation of DutiesMust be authorized to work in the United States without sponsorship both now and in the futureThe Ideal Qualifications
Bachelor of Science in Computer Science or Information Management7-10 years of experience in a complex web infrastructure environmentUnderstanding of web security concepts and security in-depthAbility to collaborate across lines of business to consult and guide projects as neededAbility to grasp large scale, enterprise class deploymentsSoftware system integrationTroubleshooting and triage of complex production issues, with technical support to operations and supporting teamsUnderstanding of the Atlassian productivity suite (JIRA, Confluence, Bitbucket, etc)Excellent Organizational SkillsExcellent written and verbal communication skills.
Will be communicating technical information to non-technical end usersExperience maintaining various web proxies using Security Access ManagerAbility to look at the big picture and recommend designs based on industry best practiceDeep understanding SSO solutions using Okta, SAM Federations and Auth0 technologies Experience integrating third party applications with on-prem/AWS deployed solutionsExperience with many of the following: Akamai, NGINX, AWS, F5, IHS/Apache, Python, NodeJS, netmon/wireshark, Auth0, Okta, LDAP, Active Directory, IBM ISAM, F5Understanding of MFA including RSA adaptive authentication and SecureIDIdentity tokenization and underlying standards (SAML, OAuth, Kerberos, etc)Familiarity with IAM concepts like privileged access, zero trust, and access governanceFamiliarity with PKIFamiliarity with security frameworks and regulations (e.g., NIST, GDPR, HIPAA) that impact identity and access managementComfortable challenging status quoAbility to support and maintain various LDAP repositories using Security Directory Server and associated utilitiesAbility to think critically under pressure and deliver on timeAbility to work independently with minimal supervision#LI-SC1
Salary Range:
$134,400.00-$176,400.00
At MassMutual, we focus on ensuring fair equitable pay, by providing competitive salaries, along with incentive and bonus opportunities for all employees.
Your total compensation package includes either a bonus target or in a sales-focused role a Variable Incentive Compensation component.