Job Description:
1. SCOPE OF WORK
Reporting to the IFC CITDE Access Management project manager, the primary responsibilities of the selected candidate will include, but not be limited to, the following:
1. Architect and Design:
• Architect and design Access Management technology solutions, including installations, integrations, and supporting infrastructure.
• Create and maintain enterprise standard architectural documentation, reference diagrams, process models, and runbooks.
2. Technology Solutions:
• Plan, coordinate, and execute solutions for infrastructure, cloud, and network activities related to Access Management, including installations, upgrades, and patches.
• Implement and manage access management solutions such as PlainID and Azure Active Directory (Entra ID), ensuring integration with enterprise systems.
• Automate security tasks using Azure DevOps and infrastructure as code (IaC) tools like ARM templates and Terraform.
• Utilize Microsoft Azure services (Azure Security Center, Azure Sentinel, Azure Key Vault) to enhance security, compliance, and enforce policies via Azure Policy and Blueprints.
• Utilize Azure Databricks for big data processing, advanced analytics, and machine learning.
• Integrate access management solutions with enterprise systems and Azure DevOps for CI/CD pipelines.
• Design secure network architectures using Azure Virtual Network, NSGs, and Azure Firewall for secure connectivity between on-premises and cloud environments.
• Review and improve infrastructure setup and deployment models to ensure security and compliance.
3. Cloud and DevOps Integration:
• Utilize Azure platforms and implement DevOps practices (CI/CD, containerization, infrastructure as code, policy as code) to streamline deployment and operations.
• Integrate Azure DevOps automation pipelines for deployment and testing, adhering to best practices.
4. Policy Development and Management:
• Design and develop access management authorization policies using natural language expressions.
• Plan and manage deployments of Access Management Policies and authorization platforms, including PlainID installations, upgrades, and patches.
5. Cross-Functional Collaboration:
• Collaborate with developers, QA, project managers, and stakeholders to ensure cohesive product development and operations.
6. Agile Methodologies:
• Use Agile/Scrum methodologies to facilitate iterative development and rapid project delivery.
• Maintain authorization documentation in Azure DevOps and MS Teams.
7. Reporting:
• Expand the access management and authorization framework to include new reporting and authorization capabilities. Develop a robust and stable access management reporting framework and solution that meets operational needs.
• Provide weekly status reports and timely deliverables and updates.
2. SKILLS / EXPERIENCE REQUIRED:
1. Access Management Expertise:
• Extensive hands-on experience with Access Management Authorization technologies.
• Experience using a standardized natural language framework to develop and manage authorization policies.
• Experience with IAM components and general Authorization Technology setup, configuration, and administration.
2. Solution Architecture:
• Expertise in designing end-to-end solutions that align with business needs and enterprise standards.
• Ability to create reference architecture diagrams using tools like iGrafx or Microsoft Visio.
• Strong understanding of enterprise architecture frameworks such as TOGAF, Zachman, or similar.
• Experience in developing and maintaining enterprise architecture artifacts, including principles, standards, and guidelines.
3. Azure Technologies:
• Extensive experience with Microsoft Azure services.
• Proficiency in Azure DevOps for CI/CD pipeline integration and automation.
• Experience with Microsoft Entra ID for identity and access management.
• Familiarity with Microsoft Purview for data governance and compliance.
• Knowledge of Azure Resource Manager (ARM) templates and Azure Policy.
• Expertise in designing and implementing scalable, secure, and resilient cloud architectures.
4. Cloud Security Design and Implementation:
• Experience with designing secure cloud architectures on Microsoft Azure following best practices (CIS Controls, NIST, ISO 27001).
• Expertise in managing identities, authentication, and authorization using Azure Active Directory (Entra ID).
5. Data Protection:
• Experience with data encryption, data loss prevention policies, and secure data storage solutions (Azure Blob Storage, ADLS, Azure SQL Database) in Azure.
• Experience with Microsoft Information Protection (MIP) for data classification and labeling.
• Experience with developing secure backup and recovery strategies using Azure Backup and Azure Site Recovery.
6. Network Security:
• Experience with designing secure network architectures using Azure Virtual Network, NSGs, and Azure Firewall.
7. Threat Detection and Response:
• Experience using Azure Sentinel and Azure Security Center for threat detection and continuous security monitoring.
8. Compliance and Governance:
• Knowledge of privacy compliance regulations using tools such as Microsoft Purview Compliance Manager.
9. Security Monitoring and Auditing:
• Experience with implementing audit and security monitoring practices with Azure Monitor and Log Analytics.
10. SharePoint:
• Experience integrating SharePoint with other IAM solutions to ensure seamless access control and compliance.
11. Database Experience:
• Expertise in database security and administration (Oracle, Postgres, MSSQL, Cosmos DB).
• Knowledge of data warehousing and ETL processes.
12. API Integration and Development:
• Strong experience in API design, development, and management using Azure API Management and OAuth/JWT for security.
• Experience with API documentation tools like Swagger/OpenAPI.
13. General Technical Skills:
• Strong understanding of software development lifecycle (SDLC) and agile methodologies.
• Proficiency in programming languages such as C#, JavaScript, and Python, and experience with version control systems like Git.
• Strong problem-solving skills and experience troubleshooting complex technical issues.
14. Soft Skills:
• Strong communication and collaboration skills with the ability to present solutions to stakeholders and manage multiple priorities.
Additional Requirements:
1. Professional Experience:
• 8+ years of hands-on experience with IAM technology architecture, design, and development.
• Bachelor’s degree or higher in Computer Science or a related field.
2. Certifications:
• Relevant certifications such as Microsoft Certified: Azure Fundamentals, Azure Solutions Architect Expert, Azure Security Engineer Associate, Security, Compliance, and Identity Fundamentals, Power BI Data Analyst Associate are highly desirable.