Title: Identity and Access Security Engineer III
Location: Remote/Nationwide Remote/Nationwide USA
For more than 80 years, Kaplan has been a trailblazer in education and professional advancement. We are a global company at the intersection of education and technology, focused on collaboration, innovation, and creativity to deliver a best-in-class educational experience and make Kaplan a great place to work.
The future of education is here and we are eager to work alongside those who want to make a positive impact and inspire change in the world around them.
Kaplan seeks a talented and energetic individual with experience in Identity and Access Management to join our Information Security team. Knowledge of enterprise-class directories, software applications and business processes will be required to succeed in this position. The candidate will be a self-motivated technology professional who is enthusiastic about identifying business owners’ and users’ needs and building robust and efficient solutions to meet those needs in a timely fashion. This job requires someone who possesses a strong technical background, excellent interpersonal skills and can contribute to expanding and improving our existing Identity and Access Management (IAM) infrastructure. The ability to quickly familiarize oneself with existing architecture, organization and processes, as well as to learn new technologies will be key to success.
The Identity and Access Security Engineer III will be responsible for requirement gathering, technical solution specification, integration, testing oversight, operations and support for a large number of identity provisioning and single sign-on (SSO) interfaces to our affiliate and partner systems. The Engineer will also mentor, support the work of and serve as a technical escalation point for junior engineers and be a business enabler.
Specific aspects of this position will include:
- Serving as the primary administrator of our Microsoft Identity Manager, Ping Identity, OneLogin services and DUO MFA.
- Working with IT and business stakeholders to identify requirements, design, deploy and ‘operationalize identity provisioning solutions for:
- Affiliate company directories and networks,
- Internal systems and applications.
- Numerous third-party ASP and SaaS partners
- Design, deploy and ‘operationalize’ SSO interfaces with internal and external service providers using both standards-based and custom solutions.
- Drive the testing and migration planning for IAM software upgrades.
- Providing tactical guidance to our business analysts that support interfaced applications and our application service provider’s engineering team that is responsible for the administration of the IAM infrastructure.
Capabilities and Duties
The Identity and Access Security Engineer III will be capable of performing these duties:
- Administer the SSO platforms
- Pingfederate, OneLogin and other Identity solutions
- Configure Application SSO and directory integration interfaces.
- Develop and enhance platform monitoring and audit processes.
- Provide Level 3 support and manage escalations to vendor
- Become a Subject Matter Expert and advisor on best practices and efficient solutions supporting Identity and User Provisioning and general IAM strategy.
- Subject Matter Expert on Microsoft Identity Management / MIM
- Subject Matter Expert on DUO Two Factor Authentication
- Manage technical and operational aspects of integration between various systems for Single Sign-On and user-provisioning data interfaces.
- Interview stakeholders and gather supporting data to build detailed and accurate business requirement documents.
- Document use cases and technical specifications for development teams.
- Develop acceptance testing criteria and lead the testing process.
- Collaborate with vendors, developers, users and operations teams to build user and technical operations documentation.
- Manage workload, communicate and collaborate in a timely and effective way with all members of project teams.
- Work in coordination with other Business Analysts to understand and document IAM requirements per application & initiative
- Anticipate future needs and suggests new functionality as appropriate
- Be able and prepared to support a 24 x 7 mission critical IT service
- Bachelor’s degree in Computer Science, Information Systems, or related discipline, or equivalent experience.
- 5+ years experience in IT and/or HR Information Systems management.
- Experience in deploying and maintaining Identity and Access Management Systems.
- Experience with Microsoft Identity Management products (ILM, FIM, MIM), OneLogin, and Ping Identity, or similar products is a plus.
- Excellent communication and teamwork skills, plus the flexibility to jump in where needed, are required to be successful in this role.
- Experience working directly with developers and system engineers on the implementation of designs.
- Solid understanding of application and systems security architecture and best practices.
- Knowledge and understanding of underlying components and technologies such as LDAP, SAML, OAuth, OpenID, Web Services, databases, application servers and networking principles is a plus.
- Experience with ERP and/or HRMS products is a plus.
- Solid understanding of software development methodologies and the full system development life cycle is required.
- Excellent analysis, problem solving, and troubleshooting skills is a must-have.
- Ability to work in a team environment and to contribute to multiple projects at once
- Ability to lead teams and work collaboratively with both technology and business representatives
- Solid communication and documentation skills
- Willingness and ability to work off-business hours in support of system maintenance activities and respond to support escalation calls in off-hours (On-Call Support).
We offer a competitive benefits package including:
Remote work providing flexible work/life balance
Comprehensive Retirement Package including 401K company match and two pension programs
Our Gift of Knowledge Program provides tuition assistance and substantial discounts for our employees and close family members
Competitive health benefits and new hire eligibility starts day-1 of employment
Generous Paid Time Off includes paid holidays, vacation, personal, sick paid time-off, plus one (1) volunteer day and one (1) diversity and inclusion day to participate and give back to our local communities
And so much more!
This position is a Salary Grade B