What is the role?
We are looking for a Lead IAM Engineer within Northwestern Mutual' s Identity and Access Management (IAM). You guide the team on standard processes, keeping up with industry trends and ensuring our technology platform can meet the needs of our people and process demands.
Primary Duties and ResponsibilitiesLead the design, development, and deployment of SailPoint IdentityIQ solutions, including access provisioning, identity lifecycle management, and role-based access control.
Works with only general supervision on large IAM projects; often providing direction to others on team. Is a leader within the IAM organization with the expectation to represent IAM outside the IAM domain. Freely shares IAM knowledge and testing techniques to others within and outside domain
Contributes to the innovation of software solution development across IAM domains
Consults on right-sizing decisions, software solutions, and services.
Recognized as having expert knowledge across IAM domains
Provides day-to-day leadership and mentoring to less experienced engineers
Regularly monitors the security community for, and researching, the latest assessment and exploit methodologies. This work is concluded by sharing the information back to the team in the form of newly written tools and/or attack techniques via informal internal training sessions.
Design and implement policy-based access control (PBAC) mechanisms to enforce fine-grained access controls based on organizational policies and regulations.
Design and implement scalable separation of duties (SoD) controls using industry best practices and modern IAM solutions.
Bachelor's degree in Cyber Security, Computer Science, Information systems or equivalent work experience in the IT field, with at least a portion of that time in Security related position
8-10 years of professional experience required
Experience with engineering best practices to include analyzing, designing, developing, deploying, and supporting software solutions, and/or infrastructure implementations/upgrades.
Proven experience as a SailPoint IdentityIQ Engineer, with a strong understanding of identity and access management concepts, protocols, and standards.
Proficiency in Java programming and scripting languages such as PowerShell or Python for custom development and automation.
Experience working with web technologies, databases, and operating systems relevant to SailPoint IdentityIQ.
Experience with policy-based access control (PBAC) design and implementation
Experience with segregation of duties framework design and implementation
Strong problem solving skills
Strong sense of ownership and the ability to work with a limited set of requirements.
Ability to explain technical solutions to technical and non-technical teams.
Strong ability to align technical needs to business processes.
Strong ability to breakdown work to deliver value incrementally.
Experience preferred with Agile methodologies/DevOps environment.
Our Benefits!
Highly competitive compensation, including annual bonus opportunities
Medical/Dental/Vision plans, 401(k), pension program
Tuition reimbursement, commuter plans, and paid time off
Extensive Professional Training Opportunities
Excellent Work/Life Balance
#LI-Hybrid
Compensation Range:
Pay Range - Start:
Pay Range - End:
N ort hwester n Mutual pays on a geographic-specific salary structure and placement in the salary range for this position will be determined by a number of factors including the skills, education, training, credentials and experience of the candidate; the scope, complexity as well as the cost of labor in the market; and other conditions of employment. At Northwestern Mutual, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. Please note that the salary range listed in the posting is the standard pay structure. Positions in certain locations (such as California) may provide an increase on the standard pay structure based on the location. Please click for additional information relating to location-based pay structures.
We are an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, disability, age or status as a protected veteran, or any other characteristic protected by law.
If you work or would be working in California, Colorado, New York City, Washington or outside of a Corporate location, please click for information pertaining to compensation and benefits.