Principal IAM Engineer
Whole Foods Market Information Technology Team is looking for a talented individual that can provide design and drive implementation of Identity and Access Management (IAM) services and infrastructure. This is a Technical role on a Team with equally dedicated and passionate Engineers supporting our IAM services.
This position will be based with the Global Technology Team in Austin, TX. We are open to consider/discuss remote work from home situations.
Responsibilities:
- Design and manage the next generation Privileged Access Management (PAM) processes using industry leading technology stacks and diving deep to resolve issues as they arise.
- Securely manage the identity lifecycle including user authentication and authorization for on premise and cloud solutions using an AWS and Microsoft centric technology stack.
- Defines and leads in the design of programs that support and align with cloud-based online service strategies and engineering requirements for evolving security services, mechanisms, and safeguards.
- Take part in an after-hours on-call support rotation and implement solutions, patching and deployment activities after hours as needed.
- Establish Identity Governance and Privileged Access strategy, architecture, and designs
- Work closely with technology and business stakeholders across Whole Foods Market and associated organizations
- Lead cross-functionally to accelerate the development and deployment of new security features
- Proactively identify and resolve challenges and issues that may impair the team’s ability to meet strategic, business, and technical goals.
- Developing solutions using a cloud first approach within Amazon Web Services (AWS).
- Evaluate vendor solutions to ensure they meet technology and cloud standards, as well as all applicable architecture considerations.
- Develops metrics that demonstrate the current risk state, indicators of progress, and IAM business alignment.
- Engages with development teams during operational security reviews and provides leadership and security design guidance.
- Monitors technology and security developments and ensures the company’s security framework follows industry best practices.
- Advanced understanding of standard identity management tools, technologies, and processes.
- Plays a key and influential role working with others, in groups, in cross-functional settings and with diverse stakeholders internally and externally.
Qualifications:
- 7+ years designing and managing Privileged Access Management (PAM) solutions, such as BeyondTrust, CyberArk, Liberman, or Thycotic
- 7+ years designing and managing Identity Governance and Administration (IGA) solutions such as Microsoft Identity Manager
- 3+ years software development leveraging C#
- 2+ years experience with Amazon Web Services (AWS) including management of IAM roles and automation of infrastructure deployment across multiple AWS accounts
- Proven analytical thinking, attention to details, and exceptional organizational skills
- Knowledge of professional software engineering practices & best practices for the full software development life cycle, including coding standards, code reviews, source control management, build processes, testing, and operations
- Experience on large security access system upgrades/projects using the Scaled Agile Framework (SAFe)
- Advanced understanding of IAM solutions and related technologies including Azure AD, Microsoft Identity Manager (MIM), Kerberos, LDAP, claims, entitlement and role mapping, etc.
- B.S. Degree in Computer Science or related IT work experience in a global information technology environment.
At Whole Foods Market, we provide a fair and equal employment opportunity for all Team Members and candidates regardless of race, color, religion, national origin, gender, pregnancy, sexual orientation, gender identity/expression, age, marital status, disability, or any other legally protected characteristic. Whole Foods Market hires and promotes individuals solely based on qualifications for the position to be filled and business needs.