Responsibilities
DUO MFA Management:
- Administer and manage the DUO Multi-Factor Authentication (MFA) platform.
- Implement and enforce MFA policies across the organization, ensuring integration with various applications and systems.
- Monitor MFA performance, troubleshoot issues, and handle escalations related to authentication failures or policy violations.
Microsoft Information Protection (MIP) Implementation:
- Configure and maintain Microsoft Information Protection (MIP) policies to safeguard sensitive data.
- Collaborate with the security and compliance teams to establish data classification and labeling policies based on organizational requirements.
- Conduct regular audits and reviews of MIP policy adherence, ensuring that sensitive information is adequately protected.
Key Management Services (KMS):
- Manage Key Management Services (KMS) for encryption key lifecycle, ensuring proper distribution and rotation of keys for critical systems.
- Ensure KMS compliance with encryption and security best practices, maintaining availability and integrity of key materials.
Mobile Device Management (MDM) (Secondary Focus):
- Support the administration and monitoring of MDM solutions to manage device security, app deployment, and access policies.
- Work with IT teams to ensure all mobile devices comply with organizational security policies and access controls.
Active Directory (AD) and Azure AD (Entra ID) (Secondary Focus):
- Provide support for Active Directory, managing user accounts, group policies, and organizational units.
- Assist with synchronization between on-premises AD and Azure AD using Azure AD Connect, ensuring seamless hybrid identity integration.
- Troubleshoot and resolve issues related to AD/AAD authentication and access provisioning.
IAM Process Optimization:
- Continuously evaluate and improve IAM processes related to MFA, MIP, and KMS to enhance security and user experience.
- Automate routine identity management tasks and workflows to increase efficiency and reduce manual errors.
Incident Response and Troubleshooting:
- Act as the technical escalation point for identity-related incidents involving DUO MFA, MIP, KMS, and other IAM systems.
- Investigate, troubleshoot, and resolve IAM issues, working closely with other teams to identify root causes and implement solutions.
Compliance and Reporting:
- Ensure IAM solutions meet compliance requirements such as SOX, etc.
- Generate reports for auditing purposes and provide insights into the security posture of identity systems.
Collaboration and Documentation:
- Collaborate with security, IT, and compliance teams to define and implement identity governance frameworks.
- Develop and maintain comprehensive documentation for all IAM solutions, policies, and procedures.
Training and Knowledge Sharing:
- Provide training to end-users and technical staff on IAM best practices, focusing on MFA, MIP, and encryption.
- Stay up-to-date with industry trends and emerging technologies to continuously enhance the organization’s IAM capabilities.
Professional Attributes
- Leadership: Demonstrated ability to assist in leading cross-functional teams and manage technical resources, driving projects and solutions to successful completion.
- Problem-Solving: Strong analytical and troubleshooting skills with a proactive approach to identifying and resolving issues within complex identity and directory environments.
- Analytical Skills: Ability to analyze complex IAM issues and apply logical troubleshooting techniques to resolve identity-related problems.
- Attention to Detail: High accuracy and attention to detail in managing identity policies, systems configurations, and security protocols.
- Communication: Strong communication skills to collaborate with technical and non-technical stakeholders across the organization.
- Team Player: Ability to work effectively as part of a cross-functional team, with a focus on supporting the broader IAM strategy.
- Customer Focused: Demonstrated ability to deliver excellent service to internal and external stakeholders, focusing on user experience without compromising security.
- Adaptability: Ability to quickly learn and adapt to new tools, technologies, and security practices in a dynamic IT environment.
Technical Experience Required
DUO Multi-Factor Authentication (MFA):
- Experience in administering and managing DUO MFA or similar authentication platforms.
- Ability to configure, enforce, and troubleshoot MFA policies across diverse applications and systems.
Microsoft Information Protection (MIP):
- Hands-on experience with MIP, including policy configuration, data classification, and labeling.
- Understanding of data protection frameworks and the ability to map them to MIP policies.
Key Management Services (KMS):
- Proficient in managing KMS for encryption key lifecycle management, including key rotation, storage, and compliance.
- Strong understanding of encryption protocols and key management best practices.
Mobile Device Management (MDM):
- Knowledge of MDM platforms and their integration with IAM systems for device security and policy enforcement.
- Experience managing mobile devices in an enterprise setting, focusing on compliance and access control.
Active Directory (AD) and Azure AD (Entra ID):
- Experience managing user accounts, group policies, and organizational units in Active Directory.
- Familiarity with hybrid identity environments using Azure AD and Azure AD Connect for synchronization between on-prem and cloud identities.
PowerShell Scripting:
- Basic PowerShell scripting skills to automate tasks related to identity management, such as user provisioning, reporting, and troubleshooting.
SIEM and Auditing Tools:
- Familiarity with security information and event management (SIEM) tools for monitoring identity-related logs and events.
- Experience generating audit reports for compliance purposes.
Programming and Tools
Scripting and Programming Languages:
- PowerShell: Proficiency in using PowerShell to automate identity tasks, generate reports, and troubleshoot issues.
- Python (optional): Familiarity with Python for advanced IAM automation and integration tasks.
IAM and Directory Tools:
- DUO MFA: Expertise in configuring and maintaining DUO MFA for secure authentication.
- Azure AD Connect: Experience with synchronization between on-prem AD and Azure AD for seamless hybrid identity management.
- Microsoft Information Protection (MIP): Strong knowledge of MIP tools for implementing data protection policies.
Encryption and Key Management Tools:
- Experience with KMS solutions for managing encryption keys and ensuring compliance with security standards.
MDM Platforms:
- Experience with leading MDM tools such as Microsoft Intune, MobileIron, or AirWatch for mobile device management and security.
Monitoring and Logging:
- Familiarity with SIEM platforms (e.g., Splunk, Microsoft Sentinel) for monitoring and auditing identity events and security logs.
Career and Education Experience
Experience:
- 6+ years of experience in IT or Information Security, with a focus on identity and access management.
- 3+ years of direct experience working with DUO MFA, Microsoft Information Protection (MIP), and Key Management Services (KMS).
- Experience with Mobile Device Management (MDM) platforms, Active Directory, and Azure AD (Entra ID).
Education:
- BA or BS in Information Technology, Computer Science, Information Security, or a related field. Equivalent hands-on experience in IAM may be considered in lieu of a degree.
- Relevant certifications such as Microsoft Certified: Identity and Access Administrator, Certified Information Systems Security Professional (CISSP), or DUO Security Administrator are desirable.
Language Experience
- English proficiency in both speaking and writing.
Logistics
- Primary work in a general and/or home office environment.
- Willing to be on call 24 x 7.
- Willing to perform work functions across time zones to support US coverage needs.