Senior Identity Access Management Engineer

FEDERAL HOME LOAN BANKS OFFICE OF FINANCE

POSITION DESCRIPTION

POSITION:

Senior Identity and Access Management Engineer

DATE: February 2025

DEPARTMENT:

Information Technology

FLSA: Exempt

REPORTS TO:

Director, Information Security

LOCATION: Hybrid/Reston

SUMMARY OF POSITION

The Office of Finance (OF) is seeking an experienced and dynamic Sr. Identity and Access Management (IAM) Engineer to join our Information Security group. This role will focus on Identity Governance and Administration (IGA) and Privileged Access Management (PAM) solutions, with a strong emphasis on engineering, operations, and the integration of SaaS applications with Single Sign-On (SSO). The ideal candidate will have deep expertise in deploying, and maintaining IAM solutions, developing automation with PowerShell and Azure Logic Apps, and developing safeguards and security controls to protect enterprise systems and data.

We're proud of the way our teammates have a positive impact on everything we do. Our employees are committed to and exemplify our Core Values:

• Integrity through accountability, consistency, transparency and trust
• Agility through adaptability, continuous improvement, expertise, and flexibility
• Partnership through collaboration, communication, leadership, and teamwork
• Inclusivity through diversity, relationships, respect, and support

PRINCIPAL RESPONSIBILITIES

• Lead the design, implementation, and optimization of Identity Governance and Administration (IGA) and Privileged Access Management (PAM) solutions
• Design and implement automation for user provisioning, de-provisioning, access reviews, and policy enforcement using PowerShell scripts and Azure Logic Apps
• Administer Privileged Access Management (PAM) tool to control, monitor, and audit privileged access to critical systems
• Develop and implement safeguards and security controls to ensure the integrity, confidentiality, and availability of IAM systems, preventing unauthorized access and ensuring enterprise compliance
• Manage API key lifecycle (generation, rotation, revocation) and integrate key management into the IAM infrastructure, leveraging vault solutions to securely store and access keys
• Respond to and resolve IAM incidents and issues, providing timely root cause analysis and applying preventive measures to minimize future occurrences
• Identify opportunities to improve and automate IAM processes, workflows, and security controls, leveraging PowerShell scripting and Azure Logic Apps to enhance efficiency and security
• Support the OF's diversity and inclusion strategy by following policies and procedures that ensure opportunities for employees and diverse business partners.

PRINCIPAL JOB REQUIREMENTS

• Bachelor's degree in information security or computer science or computer/electrical engineering, and/or equivalent field experience
• 6-8 years of experience in Identity and Access Management, focusing on IGA, PAM and SSO solutions
• Strong experience in configuring and troubleshooting IAM systems and integrations, especially with PowerShell scripting and Azure Logic Apps
• Experience with IAM platforms and tools such as Azure Entra, CyberArk, or similar technologies
• Deep understanding of identity lifecycle management, access governance, role-based access control (RBAC), and privileged access controls
• Experience with API key management, including lifecycle management, rotation, and secure storage using vault technologies
• Ability to work independently and as part of a team, managing multiple priorities in a fast-paced environment
• Strong collaboration skills to work effectively with cross-functional teams, including IT, Application development, Business and HR, ensuring IAM solutions meet organizational needs and security requirements
• Ability to listen and integrate ideas from diverse views, build and maintain respectful relationships, collaborate with others, and resolve conflicts constructively
• Excellent communication skills to interact with stakeholders at all levels
• Proof of eligibility to work in the United States

EQUAL EMPLOYMENT OPPORTUNITY

The Federal Home Loan Banks Office of Finance is committed to equal employment opportunity without regard to race (including traits historically associated with race, such as hair texture, hair type and protective hairstyles), color, religion, sex, pregnancy (including childbirth, lactation, and related medical conditions), national origin or ancestry, age, physical or mental disability, veteran status, uniformed service member status, military status, sexual orientation, gender identity, status as a parent, marital status, genetic information (including testing and characteristics), citizenship status, or any other characteristic protected by applicable federal, state, or local law.