Identity Access Management Engineer
Meraki is making IT easier, faster, and smarter. As a business unit of Cisco Systems, Meraki is the fastest growing cloud-managed networking team in the world with products and technology architecture that are changing the face of enterprise networking and making cloud-managed IT a reality. Headquartered in San Francisco, the team has a growing international footprint with offices in Europe, Australia, Singapore, Japan, and China.
We are looking for an Identity & Access Management (IAM) Engineer to help build and manage our Identity & Access management infrastructure. You will work closely with Digital Workplace (IT) leadership to set strategy, and drive development, compliance, automation, and maturity of our Identity & Access management systems. This role is very multi-functional, working with Security, Engineering, Product, Sales, Support, Service Desk, and Cisco IT. As part of this role, you will also work with our security & engineering teams to test, provide feedback, and design access and identity management policies in line with Security guidelines & governance to ensure compliance.
As an IAM engineer, you will report directly to the IT Manager Engineering. Your technical and engineering expertise will be essential for the enhancement and support of Meraki’s Identity & Access Management program.
A typical week may look like:
Solve and manage the resolution of issues related to identities, systems, access, accounts, authentication, authorization, entitlements, and permissions.
Fix, support & resolve IAM system incidents, problems, and changes, as the need arises.
Provide ITIL based operational support and act as a technical resource for the Active Directory infrastructure, including incident, change, and problem management.
Provide support from an IAM perspective for on-premises infrastructure and cloud-based services, including Domain Controllers, SaaS applications, OKTA, and O365.
Extract and present key metric reporting and analysis for the Identity Management environment.
Work to ensure audit tasks related to Identity Management are completed, with the participation of appropriate partners and in line with Information Security standards.
Ensure that the IAM system follows industry best practices for appropriate standards, processes, procedures, tools, and documentation.
Ensure the maintenance, patching, operation, and monitoring of IAM systems are in place and aligned with our Lifecycle management policy.
Participate in on-call rotation, and as such, work out of standard business hours will occasionally be required.
What we value in an Identity & Access Management Engineer:
Be able to identify vulnerabilities within existing systems, including threat and risk level assessments.
Understand the complexities of modern IAM systems and work to identify potential risks unique to each situation, using this information to deliver appropriate solutions that prevent as many threats as possible.
Perform accurate analysis and condense findings into reports to optimize existing and new IAM projects and deployments.
Identify any outdated access control protocols and make recommendations to modernize & strengthen IAM security.
Have a clear understanding of rule-based and role-based access control, and choose the most appropriate option to maintain a “least privilege” level of access for all users.
Design, configure, and improve IAM solutions for:
Onboarding and offboarding, including:
- User provisioning and de-provisioning
- Deploying modern access management options, such as single sign-on (SSO), federated identities, multi-factor authentication (MFA) and privileged account management
- Hands-on experience with Active Directory infrastructure components, including delegated administration, group policies, OU admin, site replication, ADFS, Kerberos, Schema Extensions, DEA (Directory Enabled Applications), and Forest system context management for application services
- Experience with security protocols such as S-LDAP, SAML, WS-Federation, SCIM, OAuth, and OIDC
Provide ongoing support, ensuring procedures are followed correctly.
Nice to have:
Hands-on experience working with OKTA, DUO, and PingFederate
Experience configuring and managing IT systems with technologies such as Java, JavaScript, XML, SOAP, JSON/REST, SQL, RDBMS, Linux, Windows, and databases
Cisco is an Affirmative Action and Equal Opportunity Employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis.
At Cisco Meraki, we don’t just accept difference – it’s one of our key values. "Everybody In" means we listen to each other’s opinions. Everybody is accepted and valued here, and we are a team that works as one towards our goals. We recognize that diverse teams make the strongest teams, and we encourage people from all backgrounds to apply.