Job Title:Identity and Access Management Engineer Duration:12 months contract Location:New York, NY Mode of Interview:Onsite JOB DESCRIPTIONThe Public Cloud Transformation Services (PCTS) team is responsible for enabling the public cloud to become a preferred platform across Morgan Stanley IT. This is a global, multi-discipline team responsible for architecting and delivering secure, robust, and innovative solutions which would enable the development teams to build and deploy new applications as well as migrate selected existing applications into the public cloud. The team works with multiple public cloud providers and are presently looking for an experienced Cloud Engineer familiar with various cloud concepts, services, and tools, preferably from multiple public cloud providers but primarily in the Identity and Access Management space (IAM). The candidate will be involved in multiple aspects of the team's work, including evaluation of new cloud products and services and integrating them into standard Morgan Stanley cloud solutions. RESPONSIBILITIES-Providing IAM solutions for migrating or new applications in the Morgan Stanley environment across multiple Cloud providers including but not limited to Azure and AWS -Provide IAM services for complex, multi-tier applications that are migrating to Cloud Platforms -Selecting appropriate IAM Cloud controls for migrating applications based on given requirements -Working in a globally distributed team to provide innovative and robust Cloud centric solutions -Closely working with Vendors to develop and deploy Cloud services to meet customer expectations -Integrate, configure, document and deploy compliant infrastructure and supporting services in the Cloud platform -Design, Optimization and Documentation of the Operational aspects of the Cloud platform -Troubleshooting problems, resolving root cause, and where possible, fixing the bug(s) -Collaborate with Risk Management to ensure necessary controls to Cloud services are deployed and tested REQUIRED SKILLS- Expert experience in the Identity space with a background in Active Directory or similar LDAP stores -Expert knowledge of Azure Active Directory Connect synchronization software -Expert knowledge of authentication with SAML, OAuth, OpenID and Kerberos -Strong knowledge in providing Federated Identity with solutions such as PING Federate or ADFS -Prior experience in providing RBAC solutions for AWS and Azure -Experience creating technical architecture documentation -Strong communication and written skills -Strong scripting and automation abilities including PowerShell and/or Python -Prior experience using compliance assurance tooling such as RedLock -Prior experience with products from HashiCorp such as Terraform, Vault and Consul -Prior experience with risk control frameworks and engagements with risk and regulatory functions -Experience in the financial industry - provided by Dice Associated topics: attack, identity access management, iam, idm, information assurance, information security, leak, phish, protect, vulnerability
* The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.