10 days old

Senior Identity Engineer (IAM) - LDAP

Atlanta, GA 30303

Innovate to solve the world's most important challenges
The future is what you make it.
When you join Honeywell, you become a member of our global team of thinkers, innovators, dreamers and doers who make the things that make the future.
That means changing the way we fly, fueling jets in an eco-friendly way, keeping buildings smart and safe and even making it possible to breathe on Mars.
Working at Honeywell isn€™t just about developing cool things. That€™s why all of our employees enjoy access to dynamic career opportunities across different fields and industries.
Are you ready to help us make the future?
Honeywell€™s Digital & Product Security (DPS) business believes in integrating security into all aspects of our business to protect the people, processes, and assets by which Honeywell achieves its greater mission. Advancements in technology, contractual and regulatory requirements, emerging threats, and Honeywell's growth worldwide continue to challenge all of us to ensure everything we do in business is secure.
We€™re seeking a Senior Identity Access Engineer (IAM) to join our growing team of cyber professionals in Phoenix, AZ or Atlanta, GA.  This is your opportunity to join an innovative team to provide valuable, secure user experiences for Honeywell employees, partners, and customers.
The Senior Identity Access Engineer (IAM) will€¦
  • Serve as a subject matter expert for Directory Services under the IAM services portfolio
    • Working knowledge of LDAP and virtual directory services
    • Working knowledge of UNIX/Linux operating systems
    • Understand how the service works from a business/end-user/technical perspective
    • Have command of the service including its capabilities and proper use
    • Execute proof-of-concepts guided by Sr. Identity Architect and Service Manager
    • Complete assigned project/tasks in a timely manner
    • Interact with key stakeholders and project/program teams to understand their requirements and engineer solutions based on best practices
    • Ensure proper oversight for quality assurance of IAM artifacts
    • Enforce adherence to architectural standards/principles
    • Proactively provide feedback regarding infrastructure IAM engineering methodologies, standards, and leading projects
    • Minimize technical exposure and risk on projects
    • Delivers and manages a highly available, stable, and secure Directory Services environment
    • Participates in the testing (e.g. planning and execution) related to performance, disaster recovery, and business continuity for LDAP/virtual directories
    • Analytical/Decision Making Responsibilities
      • Understands the art of the possible, compares various architectural options based on feasibility/impact and proposes actionable plans
      • Demonstrated strong analytical skills and technical problem-solving skills
      • Analyzes and resolves complex issues (e.g. performance problems and outages) to the Directory Services environments, escalating to and working with vendors and clients as required
      • Ability to analyze and operate at different levels of abstraction
      • Ability to balance what is strategically right with what is practically realistic 
      • Evangelize optimal options based on documented best practices and standards
      • Maintain accurate and timely tracking of activities
      • Incident/Problem management
        • Manage incident/problem lifecycle including ticketing and stakeholder interaction
        • Performs proactive problem management to identify and resolve potential issues related to the Directory environments
        • Follow documented troubleshooting procedures for standard support situations
        • Escalate to and collaborate with tier 3 support (i.e., Sr. Identity Architect), when necessary
        • Run book activities
          • Monitor the service from both a functional and infrastructure perspective
          • Execute service reports and gather/report metrics
          • Address service problems
          • Document changes and/or new activities
          • Works under supervision of the Sr. Cyber Security Manager, and interacts with Senior/Portfolio Architect
            YOU MUST HAVE
            • 3+ years developing, engineering, and implementing enterprise class IAM/security solutions.
              WE VALUE
              • Bachelor's degree.
              • Securing the Directory from both a physical and logical aspect
              • Defining the logical organizational structure (OU/Tree organization)
              • Understanding of LDAP structures such as schemas, object classes, and attributes
              • Understanding of Administrative model (how we manage objects)
              • RadiantLogic FID or OpenLDAP directory specific experience
              • Experience with PingFederate or other federation service
              • Authentication & Authorization types (Federation/SSO, LDAP/Kerberos, MFA)
              • Knowledge of on premises & cloud directory functions
              • Directory synchronization & replication
              • Directory consolidation
              • Working knowledge of Linux/Unix command line objects for account/group management
              • Working knowledge of MS Windows
              • Understanding of DNS & Networking
              • Scripting knowledge including bash, ksh, PowerShell, python, perl, etc.
              • Group Policy Management knowledge as it pertains to either Windows or Linux running SSSD
              • Knowledge/Experience with Directory as a Service (DaaS)
              • Experience with testing concepts and techniques
              • Identity security best practices
              • Results-focused visionaries that consistently deliver high-quality solutions
              • Strong personal organization and project management skills

                Additional Information
                • JOB ID: HRD90618
                • Category: Engineering
                • Location: 715 Peachtree Street, N.E.,Atlanta,Georgia,30308,United States
                • Exempt
                • Due to US export control laws, must be a US citizen, permanent resident or have protected status.