Architect, Identity and Access Management (IAM)

Alternate Locations: Greensboro, NC (North Carolina)

Relocation assistance is not available for this opportunity.

About the Company

Lincoln Financial Group, a Fortune 250 company with over 10,000 employees, provides advice and solutions that help empower Americans to take charge of their financial lives with confidence. Our core business areas — Life Insurance, Annuities, Retirement Plan Services and Group Protection — focus on supporting, preserving and enhancing over 17 million customer’s lifestyles and retirement outcomes.

Headquartered in Radnor, Pennsylvania, Lincoln Financial Group is the marketing name for Lincoln National Corporation (NYSE: LNC) and its affiliates. The company had $238 billion in assets under management as of December 31, 2018.

Ranked one of the Best Large Employers in America by Forbes magazine, Lincoln Financial Group makes a serious investment in our employees’ futures through a broad range of wealth accumulation and protection plans, health and wellness programs, and career development resources designed to help each individual reach their personal and professional goals.

The Role

Lead Identity and Access Management ( IAM ) Architect will provide the expertise, and design services for Microsoft Active Directory, ADFS, PKI , SSO and Identity Federation for the enterprise.  Work closely with IT and business partners to ensure identity and access solutions meet or exceed security policies and regulatory compliance requirements. This role will provide technical leadership, subject matter expertise and direction on complex projects/initiatives for their assigned area(s) of responsibility. Will provide subject matter expertise and direction on complex projects/initiatives for their assigned area(s) of responsibility.

Responsibilities

• Leads research, design, architecture, implementation and security of Active Directory ( SSO/AD FS, WFS, DNS, DHCP) and PKI infrastructure for the enterprise
• Design, implement, secure, manage IAM solutions, policies, roles, identity federation for multi-tier apps on prem, cloud hosted , and SAS applications
• Work closely with IT and business partners to ensure identity and access solutions meet or exceed security policies and regulatory compliance requirements
• Work with various application , infrastructure, and security engineering teams to ensure proper IAM controls 
• Responsible for design / integration of active directory services with AWS / AZURE
• Leads design, implementation, support and integration of Active Directory services in support of Office 365 / Sharpoint  / OneDrive / Sailpoint / AWS 
• Leads research, design, architecture and implementation of the enterprise cloud services supporting related Infrastructure as a Service (IaaS), Software as a Service (SaaS) and managed platforms (PaaS).
• Provides direction and guidance for design, architecture, implementation and security of business-critical infrastructure platforms that host LFG applications and platforms

• Development of infrastructure automation (IaC) utilizing Puppet Enterprise , Chef, Ansible, PowerShell etc.

• Coordinates and leads projects through all phases of design and implementation withing areas of responsibility 

Education

• 4 Year/Bachelor's degree or equivalent work experience (4 years of experience in lieu of Bachelor's) in Information Technology or related field (Minimum Required)
• MCP, MCSA, MCSE ( preferred )
• AWS Certified Solution Architect - Associate ( preferred ) 
• Puppet Certified Professional ( preferred )

Experience

• 5 - 7 years IT work experience in an enterprise information technology infrastructure environment with emphasis in Active Directory technology and ADFS ( required )
• Expert level knowledge of Active Directory including SSO / Identity Federation Services architecture and LDAP (SSO/ADFS, WFS, DNS, DHCP, RBAC, SAML + PKI) ( required )
• Expert level knowledge of authentication / authorization principles: OAuth, SAML, Kerberos, MFA, Cognito, S
• Broad understanding of core Microsoft cloud technologies and services, including Azure IaaS and Office 365, and core Microsoft technologies, including Active Directory, ADFS, Exchange, Sharepoint , Windows Server, OneDrive
• Extensive experience working with AWS and AZURE / O365 (AWS Certified Architect Preferred)
• Prover track record operating in a lead technical role and managing large enterprise multi-domain Active Directory environments : AD Services, Replication, Performance, Troubleshooting, Monitoring, Disaster Recovery, Security and Administration
• Prover track record operating in a lead IAM role designing / deploying complex solutions utilizing Microsoft Active Directory Federated Services ( ADFS )
• Fundamental networking knowledge - IP, DHCP, DNS, WINS, routing, etc
• Knowledge of federated identity technologies 
• Experince with web server technology IIS, Apache/PHP , Tomcat
• Proven experience with Windows Server 2008 (R2), Windows Server 2012(R2), Windows Server 2016
• Experience with Private Cloud and Hybrid cloud configurations, patterns, and security practices/paterns in Azure; scripting and automation technologies; PowerShell ; and experience leading enterprise deployments.
• Proven self-starter who takes ownership of opportunities, works independently, manages multiple  / simultaneous projects, and deals well with ambiguity and last-minute changes
• Experience deploying virtual infrastructure using cloud services 
• Experience delivering projects via Agile methodologies 
• Working knowledge of concepts such as CI/CD, source control, application publishing, etc.
• Strong executive presence including communication and presentation skills with a high degree of comfort to large and small audiences.
• Proficiency in IAM principles, with experience in cloud computing, cloud security, security assurance
• Prove track record of delivering highly secure enterprise solutions
• Strong knowledge of Software Development Life Cycle
• Extgensive experience in system design/architecture that directly aligns with the specific responsibilities for this position

This position may be subject to Lincoln’s Political Contribution Policy.  An offer of employment may be contingent upon disclosing to Lincoln the details of certain political contributions. Lincoln may decline to extend an offer or terminate employment for this role if it determines political contributions made could have an adverse impact on Lincoln’s current or future business interests, misrepresentations were made, or for failure to fully disclose applicable political contributions and or fundraising activities.

Any unsolicited resumes/candidate profiles submitted through our web site or to personal e-mail accounts of employees of Lincoln Financial Group are considered property of Lincoln Financial Group and are not subject to payment of agency fees.

Lincoln Financial Group (“LFG”) is an Equal Opportunity employer and, as such, is committed in policy and practice to recruit, hire, compensate, train and promote, in all job classifications, without regard to race, color, religion, sex (including pregnancy), age, national origin, disability, sexual orientation, gender identity and expression, veterans status, or genetic information.  Applicants are evaluated on the basis of job qualifications.  If you are a person with a disability that impedes your ability to express your interest for a position through our online application process, or require TTY/TDD assistance, contact us by calling 260-455-2558.

#P4