Process Engineer at Anglian Water designing and optimizing water and wastewater treatment systems. Collaborating across teams to ensure compliance and safety in engineering solutions.
About the role
- Identity and Access Management Engineer designing and protecting Archer's identity ecosystem for sustainable air mobility. Developing enterprise-level authentication and compliance solutions.
Responsibilities
- Design and implement Zero Trust Architecture (ZTA) across Archer's enterprise network, eliminating implicit trust and enforcing continuous verification of user identity and device posture before granting access.
- Architect and maintain Okta as the authoritative Identity Provider (IdP) for Archer, managing Single Sign-On (SSO), Multi-Factor Authentication (MFA), and user lifecycle management across all enterprise applications and SaaS platforms.
- Design and implement Privileged Access Management (PAM) using Delinea, including credential vaulting, privileged session management, and automated credential rotation for administrative and service accounts.
- Implement Identity Governance and Administration (IGA) controls to enforce role-based access control (RBAC), segregation of duties, periodic access reviews, and just-in-time (JIT) access provisioning.
- Build and maintain federated identity standards (OIDC, SAML, SCIM) to enable secure integration between Archer's identity platform and third-party applications, cloud providers, and vendor systems.
- Conduct access control audits and design remediation strategies to ensure compliance with NIST SP 800-171 Access Control (AC) requirements, CMMC Level 2 practices, and SOX ITGC expectations for financial systems.
- Implement automated audit logging and session recording for all authentication and privileged access events, ensuring that individual users' actions can be uniquely traced for compliance investigations and forensic analysis.
- Secure third-party and contractor access by implementing time-limited, role-restricted access provisioning and automated de-provisioning upon project completion or relationship termination.
- Stay current with emerging identity threats, attack vectors, and security best practices, including insider threats, account takeover (ATO), and lateral movement techniques.
- Provide technical guidance and training to IT, application, and security teams on identity best practices and policy enforcement.
Requirements
- 5 plus years of experience in Identity and Access Management or related roles, with a minimum of 2 years in a senior or architect-level capacity.
- Hands-on design and implementation experience with enterprise Identity Providers such as Okta, Azure AD (Active Directory), or Ping Identity.
- Deep technical understanding of authentication protocols and standards, including OIDC, SAML, OAuth 2.0, and LDAP.
- Extensive experience designing and operating Privileged Access Management (PAM) solutions, preferably Delinea, including credential vaulting, session recording, and approval workflows.
- Working knowledge of RBAC (Role-Based Access Control) design and implementation, with the ability to map complex organizational hierarchies to access policies.
- Experience implementing and managing Multi-Factor Authentication (MFA) technologies such as FIDO2, Okta Verify, Duo Security, YubiKey, and PKI-based authentication.
- Strong understanding of NIST SP 800-171 and CMMC Level 2 requirements, specifically as they relate to access control, audit logging, and identity governance.
- Proficiency in scripting and automation using PowerShell, Python, or Bash to automate identity workflows, audit processes, and integrations.
- Excellent communication skills to translate complex identity architecture and compliance requirements to both technical teams and executive leadership.
Job title
Job type
Experience level
Salary
Degree requirement
No Education Requirement
Tech skills
Location requirements
PDK Engineer working with cross - functional teams at Pragmatic Semiconductor. Focusing on the design, development, maintenance, and testing of Process Design Kits in Cambridge.
Senior Manager developing scalable workflow - driven solutions for enterprise platforms at State Street. Collaborating with cross - functional teams to ensure performance and reliability in complex business processes.
Senior Conveyor Engineer leading installation and operational activities of conveyor equipment in GM facilities. Overseeing projects while collaborating with internal teams and external partners at multiple plants.
Microsoft Purview Engineer at Musco Sports Lighting enhancing data governance and compliance solutions. Collaborating with IT teams and managing data classification, retention, and compliance standards.
Project Engineer for Musco designing custom lighting solutions and ensuring project specifications in Oskaloosa, IA. Requires collaboration with internal and external stakeholders to meet client technical needs.
Systems Safety Engineer developing safety strategies for Keyless & Passive Power Moding at General Motors. Collaborating with global teams to ensure compliance with safety standards and regulations.
Ingenieur en efficacité énergétique chez NEPSEN supervisant des projets en performance énergétique de bâtiments. Contribuant à des audits, rénovations et pilotage de contrats de performance énergétique.
Advanced Device Development Engineer on Logic Technology Development team at Intel. Designing, executing, and analyzing semiconductor experiments in a collaborative and innovative environment.
Industrial Hygiene/Safety Engineer overseeing safety programs at Intel's semiconductor manufacturing sites in Penang. Protecting worker health and ensuring compliance with safety standards and regulations.