Identity and Access Management Engineer

D.A. Davidson Companies is an independent, employee-owned company with a rich history spanning more than 80 years. We are dedicated to conducting our business in accordance with the highest standards of integrity and ethics, and delivering outstanding service to our clients and each other. We support a friendly, open and supportive culture, and encourage candid communication and productive engagement that make our companies and each of us better. Just as we work to improve our clients’ financial well-being, we also work to strengthen local communities—and giving back is one of our core values. You can learn more about our company culture and impact in our latest annual report.

The Identity and Access Management (IAM) Engineer designs, implements, manages, and oversees operational support of IAM, Privileged Identity Management (PIM), and Privileged Access Management (PAM) solutions. The IAM Engineer is responsible for ensuring that procured or developed identity solutions are implemented properly to best reduce risk and function efficiently. The IAM Engineer provides IAM expertise and guidance to the Firm while working closely with IT and Information Security teams to ensure IAM solutions deliver intended outcomes that support IT, Information Security, and Firm goals.

• Bachelor’s degree in Information/Cyber Security, Computer Science, Information Systems, or equivalent combination of relevant professional experience and education including certifications (CISSP, CIAM, CIMP, Security+, or from ISACA, IAPP, Microsoft, etc.)

• Must possess 5+ years of experience designing, implementing, and administering IAM systems and workflows.

• Extensive hands-on knowledge of IAM best practices, procedures, and solutions including Identity Governance and Administration (IGA), PIM, PAM, and identity security platforms such as Microsoft Active Directory / Entra ID, SailPoint Identity Security Cloud, Microsoft PIM, Delinea Secret Server Cloud, and Silverfort.

• Extensive knowledge and experience with IAM protocols such as SAML, OAuth, LDAP, Kerberos, OpenID, TACACS, SCIM, etc.

• Thorough understanding and experience implementing and recommending varying access control models (MAC, RBAC, DAC, RB-RBAC, ABAC, etc.) based on ideal use to conform to least-privilege and segregation of duties.

• Experience in an enterprise Microsoft environment with proficiency in writing and understanding scripting and programming languages.

• Experience working and collaborating effectively with business professionals, technical subject matter experts, and internal/external partners in information gathering and project execution.

• Experience with the monitoring and evaluation of technology processes and controls including design and operating effectiveness, testing, reporting on results, and recommending enhancements.

• Strong project management and organizational skills with demonstrated ability to complete assignments timely and effectively.

• Individual must be able to perform with minimal supervision of routine duties; demonstrate ability to solve problems and deal with a variety of variables and situations where only limited standardization may exist; interpret instructions furnished in written, oral, diagram, or schedule formats; and be able to handle multiple tasks simultaneously.

• Commitment to maintain client confidentiality and data security.

• Communicate in a clear and service-oriented manner; use appropriate, professional language and grammar to effectively exchange ideas and information.

• Provide expert knowledge and act as a subject matter expert on key principles of IAM in the areas of authentication and authorization systems, identity lifecycle management, access control models, and identity governance.

• Lead the architectural design, development, implementation, and administration of IAM and PIM/PAM solutions in a complex environment with a blend of legacy on-premises and cloud-hosted systems.

• Evaluate, recommend, and implement IAM and PIM/PAM solutions to continually improve identity workflows for efficiency and security against evolving threats while ensuring only authorized individuals have access to sensitive information systems and data.

• Help develop IAM and PIM/PAM policies, standards, technical documentation, and operational procedures for support.

• Drive standards and support implementations with integrations to and from third parties.

• Identify and help implement solutions that provide optimal and secure single-sign-on (SSO) experiences to employees, contractors, and customers.

• Support infrastructure, hardware, software, system performance, and technology integrations for IAM and PIM/PAM solutions.

• Troubleshoot, identify, and resolve technical IAM related issues.

• Stay updated on current and evolving identity threats, solutions, and identify areas for improving the Firm’s identity security posture.

• Conduct regular audits of accounts and access permissions to detect and prevent security issues.

• Collaborate with other IT teams to enforce and improve identity and access practices across the Firm.

• Help oversee the creation and maturation of policies, standards, and procedures related to IAM and PIM/PAM.

• Help ensure information security teams receive appropriate and timely IAM/PAM logs to swiftly respond to potential threats and access misuse.

• Design continuous controls monitoring program utilizing identity solutions, dashboards, analytics, automation, and other supporting tools.

• Prepare ongoing reports with specified metrics/ key performance indicators related to IAM and PIM/PAM activities.

• Maintain program alignment to internal/external compliance requirements and identified gaps.

Competitive salary plus excellent benefits and perks including, but not limited to:

• Medical, Dental and Vision

• Company 401(k)and ESOP contribution

• Generous sick, vacation, and maternity/parental leave

• Paid holidays

• Professional Development Opportunities

• Tuition Reimbursement ($15,000 lifetime cap)

• Discounted personal insurance including home, auto and recreational vehicles

• Charitable gift-matching program

• Davidson Day of Giving – Our tradition of positively impacting communities in which we live and work.

The potential base pay hiring range for this role is $95,000 – 120,000 annually. The compensation offered will be determined on a case-by-case basis considering a variety of factors including, but not limited to, the skills, relevant work experience, and geographic location of each specific candidate.

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

At D.A. Davidson, we are committed to fostering a diverse environment that supports the development and inclusivity of all employees.

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Please answer all questions carefully: incomplete or inaccurate answers may impact your potential employment. By clicking Submit Application, you declare that all statements in this application are truthful to the best of your knowledge. California applicants please see D.A. Davidson's California Resident Privacy Policy.