IAM Automation DevOps Engineer
Today’s world is fueled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of over 950 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team help protect the EY brand and build client trust.
Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value.
The opportunity
The relentless advancement of cutting-edge technologies like Blockchain, Artificial Intelligence (AI), Machine Learning (ML), and Quantum Computing necessitates a strategic shift towards cloud computing, driving innovation, efficiency, and transformation across all sectors for businesses to remain competitive and agile. The Identity and Access Management (IAM) Secure Access Engineering team delivers access management solutions utilizing public cloud platforms, commercial off the shelf products, and custom developed solutions.
In your role as IAM Automation DevOps Engineer, you will have the opportunity to work on delivering automation for complex global IAM secure access solutions for a huge global firm and providing best-in-class support for our clients, primarily using the Microsoft Azure platform and any other cloud platform we adopt. As an IAM Automation DevOps expert, your focus will be on implementing DevOps processes and automating IAM processes and solutions, such as an Azure cloud federation and access management solution that uses Azure services and features like Azure Active Directory, Business to Business (B2B), Business to Consumer (B2C), Conditional Access, and Inbound / Outbound federation setup with Active Directory Federation Services (ADFS) and other federation solutions such as Ping and Auth0.
Your key responsibilities
- As an IAM DevOps Engineer you are responsible for integrating Azure Identity and Access Management services into DevOps workflows, ensuring that security measures are a core part of the software development lifecycle.
- You will automate IAM tasks using tools like Azure Automation, PowerShell, Azure CLI, and ARM templates, and secure Continuous Integration / Continuous Delivery (CI/CD) pipelines by managing access controls. Additionally, you will automate compliance and auditing processes for IAM services and set up monitoring and incident response with Azure Security Center and Azure Sentinel.
- You will be collaborating with cross-functional teams, working effectively within a team and independently, and liaising with product/service vendors like Microsoft, Ping Federate, Auth0 for service issue escalations.
- As an IAM subject matter expert, you will provide advisory services, demonstrate a systematic approach to problem-solving, and possess the ability to absorb new technical information quickly.
- Responsibilities also include planning and scheduling work to meet targets, ensuring solutions are well-documented for sustainability, and facilitating the successful transition of project deliverables to support and operations teams, underlining a strong connection between technical solutions and business objectives.
Skills and attributes for success
- Proficiency in Azure Automation and familiarity with Azure DevOps services for CI/CD, including Repos, Pipelines, Artifacts, and Boards.
- Expertise in scripting languages (PowerShell, Python, Bash, Ruby) and Azure CLI for automation scripts, alongside knowledge of ARM templates for Azure resource management.
- Experience with Identity Providers like Azure AD, Ping Identity, and Auth0, as well as cloud IAM services across Azure, AWS, and Google Cloud Platform.
- In-depth understanding of directory services (LDAP, Active Directory, Azure AD) for user account management and Azure AD for user/group management, application registrations, and service principals.
- Knowledge of Azure RBAC, SSO, MFA, and Azure AD Conditional Access policies for secure access management, along with Azure AD PIM for privileged access monitoring.
- Skills in managing Azure Key Vault for secrets and certificates, and proficiency with Microsoft Graph API for accessing Azure AD and Office 365 services.
- Experience with Azure monitoring and logging services, Azure Security Center, and Azure Sentinel for performance insights, threat protection, and incident response.
- Familiarity with Infrastructure as Code (IaC) tools like Terraform, Azure ARM templates, and AWS CloudFormation for cloud infrastructure automation.
- Proficiency with version control systems like Git and experience with CI/CD tools such as GitHub Actions, Jenkins, GitLab CI, or CircleCI.
- Knowledge of containerization and orchestration tools like Docker, Kubernetes, or Azure Kubernetes Service (AKS) for container management, and experience with secrets management tools like Azure Key Vault.
To qualify for the role you must have
- Degree in Computer Science or related discipline or equivalent work experience
- Strong knowledge and experience of the software development lifecycle, automation and DevOps, including knowledge of IAM domains and basic IT knowledge.
- Strong interpersonal and verbal and written communication skills
- Good professional attitude towards work and corporate culture.
- Flexibility in scheduling with a willingness to work extra non-standard hours on occasion
- Ability to work well within a multi-disciplinary, multi-cultural team structure, but also independently.
- An urge to learn and grow along with the organization.
- Ability to meet agreed deadlines with demonstrable productivity
Ideally, you’ll also have
- Certification in Azure cloud services related to IAM, Automation or DevOps
- Experience in using Information Technology Infrastructure Library (ITIL) process improvement frameworks.
- Certification in IT infrastructure is an added advantage.
- Cyber-security certificates are a plus.