Hybrid - 2 days per week onsite at Eagan campus. (Buildings are physically closed on Fridays)
Core hours are 7am-4pm / 8am-5pm.
Please ensure that candidates are being fully vetted prior to submission and are being provided accurate assignment durations!
Seeking candidates possessing experience with Okta, Entra, and CyberArk
Identity and Access Management (IAM) Engineer
Responsibilities
Reporting to the Director, Identity and Access Management, the Identity and Access Management (IAM) Engineer will be responsible for implementing and managing Blue Cross MN’s identity services and platforms
Demonstrated experience in scripting or software development
Act as an internal consultant and architect for the IT Engineering and Operations Management
Design, implement, and evaluate current and future initiatives for the highest level of efficiency and performance
Isolate and resolve complex systems problems
Accountable for development and implementation of engineering standards and processes
Develop, modify and implement standard operating procedures for hardware/software, and system design, originate specifications, control documents, verification and validation plans, procedures, reports, or other documentation in support of design and development activities
Assist management and engineering staff in the evaluation, analysis, architecture, design, and implementation of enterprise programs and projects
Research, analyze, evaluate and provide recommendations to management on future technology direction
Perform peer review on complex change implementations, to ensure completeness and minimal impact to members
Deploy and document changes in accordance with enterprise problem and change management processes
Lead problem management and root cause analysis discussions with fellow engineers and analysts
Proactively identify solutions to potential issues and embrace simplification
Serve as escalation point for high severity issues and troubleshoot / resolve complex incidents
Provide assistance and expertise to management on improvements to company productivity, systems performance, high availability, monitoring, and operational costs
Assist management in maintaining service agreements, maintenance contracts, or other assigned vendor-related administrative duties
Drive and be accountable for all assigned tasks, and remain continuously self-challenged in setting and delivering on agreed deadlines and milestones
Serve as technical team lead on programs or projects that are assigned by management
Troubleshoot complex issues, provide technical guidance and act as Subject Matter Expert
Manage enterprise identity directories, including Workforce and Customer
Lead integration efforts between IDP and other platforms and services
Participate in troubleshooting and incident resolution of complex high severity incidents
Participate in disaster recovery, capacity planning, performance monitoring, and maintenance to ensure high availability
Work with internal and external application support teams to extend the use of our identity solutions via direct Active Directory integration, SAML, RADIUS or other mechanisms
Provide 24x7 support as needed for emergency situations and planned maintenance activities - call rotation between 4 other individuals on a weekly basis
Qualifications And Requirements
Bachelor’s degree in information technology or related field, plus 3-5 years of previous identity and access management experience
The individual must have a proven track record in delivering identity solutions that are functional, secure, scalable, and reliable
Able to provide after on call support (as needed for emergency situations and planned maintenance activities) - call rotation between 4 other individuals on a weekly basis
As a member of a small team in a fast-paced environment, this role will require both strong intellectual agility and hands-on technical skill
Strong written and verbal communication skills - ability to communicate effectively with all levels of audience including executive leadership
Powerful analytical and problem-solving skills- including the ability to develop solutions in new and creative ways
Ability to independently clarify and assess ambiguous issues in order to develop consensus toward a solution
Experience in developing architectural designs, topologies and implementation engineering guidance documents
Experience training or mentoring both technical and non-technical diverse audiences
3 + years working with Single Sign-on Technologies like Okta, Entra, SecureAuth, & Azure AD in support of Single Sign On
3+ years working with Identity Provisioning Tools from vendors like Saviynt, Salipoint, Okta, Oracle, RSA, Or One Identity
2+ years working with PAM Tools like CyberArk, BeyondTrust, Thycotic, Saviynt CPAM
2+ years working with multiple MFA Methods and when to deploy each type of MFA method
Experience with onboarding new applications for both SSO and Identity Provisioning