Senior Engineer – Identity and Access Management

Posted Date: Jul-18-2018

Job ID: 8867

Job Type: Full Time

Job Function: Information Technology

City: Bellevue

State: Washington

Store: Eastgate Headquarters


What's cool about this job

    As a Senior Engineer – Identity and Access Management, you’ll help design the co-op’s IAM policies, bringing your ideas to the forefront of the overall REI security landscape. 

    You’ll also work closely with enterprise architects and other technical partners to drive work across the security horizontal foundation, working with the lines of business to ensure a cohesive end to end strategy. You’ll help manage environments like Active Directory, PAM/CyberArk, AuthN and AuthZ including MFA, and the central IAM/IGA platform. You'll help implement changes to process and technology, and demonstrate leadership in operational security assessment and measurement of information security risk objectively and consistently


    Responsibilities:
    • Active Directory design, replication, integrity, maintenance and troubleshooting within on-premise, cloud, and hybrid models
    • Group Policy/OU/group management, design, structuring, troubleshooting, and lifecycle
    • CyberArk PAS administration of Vault and surrounding services and custom solutions
    • CyberArk Conjur design/build/run for DevOps teams
    • PAM program buildout supporting account migrations
    • Demonstrates operational excellence including support, following standard configuration and change management processes and practices
    • Collaborates with team members to successfully evaluate, design, build, and run IAM tools that provide value to the business while keeping it safe
    • Participates in on-call rotations that respond to operational issues
    • Develops metrics that demonstrate current IAM risk state, indicators of progress, and business alignment for those activities
    • Analyze and help fix Identity Lifecycle Management gaps
    • Work in active partnership with development teams during operational security reviews providing leadership and security design guidance
    • May act as a liaison to compliance efforts and work alongside technical counterparts to remediate audit and security findings


    Bring your passion and expertise

    • 7+ years’ experience in design and implementation of end to end of Active Directory solutions
    • In depth knowledge of Active Directory/LDAP, configuration and management of OUs, GPOs, AD Schema extensions, DNS, Forest/Domain Trusts, AD Site Topology/Replication, and Federation
    • 5+ years' experience in an enterprise scale distributed computing environment
    • Proven track record delivering multiple parallel projects in different phases at the same time, and has been involved in at least 3 Cloud-based/online services scale projects
    • Solid understanding of security frameworks such as NIST, ISO and COBIT, and able to engineer to meet framework requirements
    • 5+ years’ professional experience in cloud-based or online services security engineering, or service engineering
    • Expert knowledge of industry best practices and security principles for directory services and Identity and Access Management


    Why you'll love it here

    REI Information Technology is a team of creative and smart technologists who work in a collaborative environment to build business value through technology. And, we have the support of a great company to tackle some pretty dynamic challenges that will keep REI relevant for years to come.

    At REI we offer an enviable work environment that has been recognized on the "100 Best Companies to Work For" list since the award's inception – 20 years in a row! Sure, we work hard, but it’s balanced with time off to play—a strategy that works for us as we continue to grow and thrive. Want to enjoy a workplace where you can be yourself, be heard and be respected while having a job that challenges you? This is the place.

    With more than 140 retail locations (and growing), REI offers unique competitive benefits to its more than 12,000 employees, including healthcare, gear and apparel discounts, free equipment rentals and challenge grants to help employees reach personal outdoor goals, generous retirement plan contributions, public transit subsidy, adoptions assistance, paid sabbaticals, and more.

    REI is an Equal Opportunity Employer

    NEW YORK CORRECTION LAW
    ARTICLE 23-A, Section 753
    LICENSURE AND EMPLOYMENT OF PERSONS PREVIOUSLY CONVICTED OF ONE OR MORE CRIMINAL OFFENSES

    §753. Factors to be considered concerning a previous criminal conviction; presumption.

    1. In making a determination pursuant to section seven hundred fifty-two of this chapter, the public agency or private employer shall consider the following factors:

    (a) The public policy of this state, as expressed in this act, to encourage the licensure and employment of persons previously convicted of one or more criminal offenses.

    (b) The specific duties and responsibilities necessarily related to the license or employment sought or held by the person.

    (c) The bearing, if any, the criminal offense or offenses for which the person was previously convicted will have on his fitness or ability to perform one or more such duties or responsibilities.

    (d) The time which has elapsed since the occurrence of the criminal offense or offenses.

    (e) The age of the person at the time of occurrence of the criminal offense or offenses.

    (f) The seriousness of the offense or offenses.

    (g) Any information produced by the person, or produced on his behalf, in regard to his rehabilitation and good conduct.

    (h) The legitimate interest of the public agency or private employer in protecting property, and the safety and welfare of specific individuals or the general public.

    2. In making a determination pursuant to section seven hundred fifty-two of this chapter, the public agency or private employer shall also give consideration to a certificate of relief from disabilities or a certificate of good conduct issued to the applicant, which certificate shall create a presumption of rehabilitation in regard to the offense or offenses specified therein.