• Senior Identity & Access Management Engineer…

    Antech Diagnostics (New York, NY)


    We understand that the world we want tomorrow starts with how we do business today, and that’s why we’re inspired to make A Better World for Pets. Antech is comprised of a diverse team of individuals who are committed to each other’s growth and development. Our culture is centered on our guiding philosophy, The Five Principles: Quality, Responsibility, Mutuality, Efficiency and Freedom. Today Antech is driving the future of pet health as part of Mars Science & Diagnostics, a family-owned company focused on veterinary care.

     

    Current Associates will need to apply through the internal career site. Please log into Workday and click on Menu or View All Apps, select the Jobs Hub app, then click the magnifying glass to Browse Jobs.

     

    This is a Hybrid role based out of our office in New York, NY. The Target Pay Range for this position is $172,155 - $215,165 annually. At Antech, pay decisions are determined using factors such as relevant job-related skills, experience, education, training and budget.

    Job Summary:

    The Senior Identity and Access Management (IAM) Engineer is responsible for designing, implementing and maintaining the Identity and Access Management program as part of the Cybersecurity function. The IAM engineer will work closely with Human Resources, Business Stakeholders, and Information technology teams to make the identity lifecycle management process effective and efficient throughout the SDx division. This individual will serve as the subject matter expert for SDx identity infrastructure, implementing identity solutions for authentication, authorization, user management and centralized SDx resources and IAM practices.

    Key Responsibilities:

    + Lead the design and implementation of our Identity and Access Governance (IGA) strategy with IAM solutions (and related technologies) in coordination with Mars GDO including Okta, Azure AD/Entra ID, Active Directory, Customer Identity and Access Management (CIAM), and other identity-based solutions across SDx.

    + Lead and manage SDx role-based access control policies, federation of identities and any technologies related including SSO, OAuth, SAML, OpenID, OpenID Connect, JSON Web Tokens (JWT), Passwordless and Multi-Factor Authentication (MFA), self-service password reset solutions, device-based authentication, identity protection, among others.

    + Manage and implement identity federation and integration strategies and tools across SDx for on-premises, cloud-based, hybrid and third-party platforms.

    + Manage applications on IAM tools related to identify federation (SSO) across SDx.

    + Serve as the subject matter expert for the implementation of SDx identity governance to enforce policies, procedures, and standards, including the identity lifecycle management (user identities provisioning/de-provisioning) in accordance with SDx and Mars business requirements and security best practices.

    + Coordinate and assist in performing entitlement reviews to ensure access granted reconciles with the authorization to resources across SDx.

    + Collaborate with critical teams including infrastructure, development, R&D, and Mars GDO to ensure alignment with IAM strategies for Mars.

    + Collaborate with other teams to achieve efficiencies via a secure environment that integrates technology stack components, including scripting and automation via tools like PowerShell, Python, CLI, Sentinel, among other.

    + Design, implement, and maintain solutions in an agile manner to improve efficiencies and reduce errors or disruptions across SDx.

    + Work with our R&D and IT departments to apply threat modeling and/or adversarial approaches to ensure customer-facing technologies and products are secure and updated to best security practices in identity management.

    Qualifications & Experience:

    + Bachelors in Cybersecurity, Information Technology, Computer Science, Engineering or related field. Master’s degree is a plus, but not essential.

    + Knowledge applying Cloud and DevSecOps principles for Zero-trust architecture, Identity-as-a-Service and secrets management tools such as HashiCorp Vault, Azure Key Vault, and AWS Secrets Manager or similar tools.

    + Experience with SOC and SIEM tools (Splunk, QRadar, Sentinel) and log analysis.

    + Pen testing and red teaming knowledge, specifically privilege escalation paths and incident management as well as threat modeling, attack-route analysis, application testing and vulnerability management related to authentication and authorization.

    + Experience communicating complex security concepts effectively (technical, non-technical and executive level audiences).

    + Relevant certifications such as CISSP, Okta Essentials, Azure Security Identity Management (SC-300), CISA or Security+ are also preferred.

    + Experience in regulated industries (finance, healthcare, manufacturing, etc.) applying regulatory regulations and/or security frameworks.

    + Experience in a laboratory setting, veterinary clinics, healthcare or related systems.

    + Strong problem-solving and analytical mindset.

    + Hands-on experience with IAM tools including Okta, Active Directory/B2C, Azure AD/Entra ID, Azure KeyVault, CyberArk, Oracle Identity Manager, or similar CIAMs (SailPoint, ForgeRock, etc).

    + Experience applying Identity Governance & Administration (IGA).

    _Required Qualifications:_

    + 7+ years of experience in cybersecurity operations in Identity and Access Management

    + Strong knowledge of IAM protocols and technologies including SSO, SAML, OAuth, Open ID, OpenID Connect (OIDC), Kerberos, LDAP.

    + Hands-on experience managing Privilege Access Management (PAM) tools such as CyberArk and Azure AD Privilege Identity Management (PIM), Azure Bastion, including Just-In-Time Access and other techniques to minimize attack surface, managing Microsoft Entra and Azure Resource roles, applying PIM for groups, among other.

    Physical Demands:

    Extensive sitting, phone, and computer use

    Extend and reach with hands and arms and use hands and fingers

    Occasionally required to bend, kneel, stoop, or crouch

    May be required to lift, move, and carry up to 15 lbs.

    Specific vision abilities required including close vision, color vision, depth perception, and the ability to adjust focus.

    Hearing ability to effectively communicate via the telephone and in person

    Ability to communicate verbally on the telephone and in person

    Fluency in the English language

    Extended hours may be needed

    Work Environment:

    The employee will primarily work in a typical office environment including use of cubicles, computers and overhead lighting. Temperature extremes will be minimal to nonexistent.

     

    The noise level in the work environment is usually moderate. The employee will be required to use a computer, spreadsheets, database management, email, and the Internet. The employee is frequently required to use a calculator; fax, copy machine, and phone system.

     

    About Antech

     

    Antech is a leader in veterinary diagnostics, driven by our passion for innovation that delivers better animal health outcomes. Our products and services span 90+ reference laboratories around the globe; in-house diagnostic laboratory instruments and consumables, including rapid assay diagnostic products and digital cytology services; local and cloud-based data services; practice information management software and related software and support; veterinary imaging and technology; veterinary professional education and training; and board-certified specialist support services.

     

    _Antech offers an industry competitive benefits package and continues to invest in and evolve benefits programs that meet the health, wellness and financial needs of our associates._

     

    + All Full-time associates are eligible for the following benefits and more:

    + Paid Time Off & Holidays

    + Medical, Dental, Vision (Multiple Plans Available)

    + Basic Life (Company Paid) & Supplemental Life

    + Short and Long Term Disability (Company Paid)

    + Flexible Spending Accounts/Health Savings Accounts

    + Paid Parental Leave

    + 401(k) with company match

    + Tuition/Continuing Education Reimbursement

    + Life Assistance Program

    + Pet Care Discounts

     

    We are proud to be an Equal Opportunity Employer - Veterans / Disabled. For a complete EEO statement, please see our Career page at Antech Careers (http://careers.antechdiagnostics.com/us/en/affirmative-action) .

     

    Note to Search Firms/Agencies

     

    Antech Diagnostics, Inc. and its subsidiaries and affiliates (Antech) do not compensate search firms for unsolicited assistance unless they have a written search agreement with Antech and the requisition is position-specific. Any resumes, curriculum vitae, and other unsolicited assistance from search firms that do not have a written search agreement or position-specific requisition submitted to any Associate of Antech will be deemed the sole property of Antech and no fee will be paid in the event the candidate is hired by Antech.