Identity and Access Management (IAM) Engineer- (Hybrid- Lombard IL)

Job Title: Identity and Access Management (IAM) Engineer - (Hybrid - Lombard IL)

Requisition ID: 27739727

Duration: Not specified

Location: Lombard, IL

Description:

People Passion Purpose

Everything School Specialty offers is designed for one purpose - to help students succeed. We believe every student can flourish in an environment where they feel safe and inspired to explore and grow.

We're determined to positively impact the future, one child at a time. We need to talk if you share our passion:

Transforming more than classrooms.

Benefits:

School Specialty offers Medical, Dental, & Vision plans (Effective Day 1), Wellness programs, Health Savings Accounts, Flexible Spending Accounts, 401 (k), Unlimited PTO for Salaried Exempt employees, which can also be used for dedicated volunteer hours, Education Reimbursement, Paid Holidays, Fall & Winter Flexible Hours, Employee Discounts and much more!

Identity and Access (IAM) Engineer

We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to manage and enhance our organization's IAM systems. The ideal candidate will have a strong background in identity management, governance, and access control, with expertise in platforms like Active Directory, EntraID, Okta, and others. This role is critical to ensuring secure and efficient access to systems and data across the organization, supporting compliance, and enabling seamless user experiences.

The base salary range for this role is $90K-$110K Annually . This is a hybrid position. Candidate will work both from their home office and out of the Lombard IL location.

Summary of Primary Responsibilities:

1. Identity Management Systems Administration:
   • Perform platform-specific administration (Active Directory, EntraID, Okta, etc.)
   • Manage accounts, including creation, modification, and deletion
   • Oversee group and role management to ensure appropriate access levels
   • Maintain directory services for optimal performance and reliability
2. Identity Governance and Compliance:
   • Conduct user access rights reviews
   • Implement and manage role-based access control (RBAC)
   • Assess and mitigate identity-related risks
   • Prepare compliance reports and conduct audits to ensure adherence to policies
   • Develop and enforce identity and access management policies
3. Access Management:
   • Implement and maintain Single Sign-On (SSO) solutions
   • Manage Multi-Factor Authentication (MFA) for enhanced security
   • Oversee Privileged Access Management (PAM) and Privileged Identity Management (PIM) programs
4. Security and Compliance:
   • Administer Secret Server for secure credential management
   • Manage Microsoft Defender for Identity to protect against identity-related threats
   • Implement least privilege principles to minimize access risks
   • Conduct regular access audits and report findings
5. User Lifecycle Management:
   • Handle user provisioning and de-provisioning processes
   • Reconcile accounts to ensure accuracy and compliance
   • Manage integrations, such as HRMS to Okta, for seamless user management
6. Systems Integration and Process Automation:
   • Automate workflows for access requests and approvals
   • Create custom scripts and tools to streamline IAM processes
   • Integrate IAM systems with HR, IT service management, and other enterprise systems
7. Monitoring, Analytics, and Reporting:
   • Respond to identity-related incidents and manage incident resolution
   • Monitor IAM systems' performance and identify areas for improvement
   • Analyze logs and detect anomalies to prevent security breaches

Minimum Experience Requirements:

• A minimum of five years of IT experience, with at least three years focused on IAM at an enterprise level
• Proven expertise in managing IAM platforms such as Active Directory, EntraID, Okta, and related technologies
• Strong understanding of identity governance, access control, and compliance requirements
• Experience with implementing and managing SSO and MFA solutions
• Proficiency in scripting and automation tools for IAM processes
• Familiarity with Privileged Access Management (PAM) and Privileged Identity Management (PIM)
• Knowledge of API integrations and workflow automation
• Excellent communication and collaboration skills, with the ability to work effectively across cross-functional teams
• Relevant certifications in IAM, such as CISSP, CISM, or equivalent, are highly desirable

Preferred Skills and Knowledge:

• Desire to work in a team environment
• Willingness to perform after-hours and on-call duties as needed
• Ability to prioritize and multi-task
• Willingness to learn and adapt to new environments and technologies
• Self-starter and confident
• Excellent verbal, written, and interpersonal communication skills.

Disclaimers:

The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified. All personnel may be required to perform duties outside of their normal responsibilities from time to time, as needed.

• School Specialty, LLC. is a Drug-Free Workplace. All applicants are subject to a drug screen and background check as a condition of employment.
• We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity and/or expression, status as a veteran, and basis of disability or any other federal, state or local protected class.
• If you need a reasonable accommodation for any part of the employment process, please contact us by email at and let us know the nature of your request and your contact information.

#LI-Hybrid

Job Grade: 12

Openings: 1