Principal Engineer - Identity Access Management
Culver City | Req ID: JR23-10403
Tech/IT/InfoSec at Sony Pictures
Join us in a dynamic fast paced environment focused on delivering value by leveraging an agile framework. In support of our ever evolving film and television businesses, our IT teams leverage the latest technologies and focus on cloud adoption.
Be a part of a diverse, inclusive and collaborative culture that focuses on professional development, high performance and growth by leveraging structured programs that include OKRs (stretch for amazing) and modern development planning tools (e.g. competency model). Check out the top traits we’re looking for and see if you have the right mix.
- trusted partner
- innovative problem solver
- strategic thinker
- change agent
- effective communicator
- learner and developer
Principal Engineer – Identity Access Management is responsible for the design, engineering, and operations of the enterprise authentication and authorization capabilities within SPE’s (Sony Pictures Entertainment) enterprise Identity Access Management platform and services.
The primary responsibilities of this position are to support SPE’s in-house developed application IAM Single Sign On (SSO) integration, support of SaaS SSO integration, Identity Federation services, Access Management services, Directory services, and Multi-Factor Authentication (MFA).
This role will be responsible for providing ongoing support, request fulfillment of the SPE’s IAM platform services, and provide escalation and support to internal application teams and IAM team members. This role also focuses on analyzing emerging authentication technologies to design and implement secure, intuitive, scalable, and reliable Access Management solutions that support SPE’s both internal and external users.
This role must have experience with Okta Identity Management platform.
- Design, develop and maintain a comprehensive SPE’s IDaaS solution based on the Okta Workforce Identity Platform.
- Develop detailed architecture, standards, design, and implementation documentation.
- Participate in or lead troubleshooting and incident resolution of complex high severity incidents.
- Plan and manage project tasks, schedules, and resources related to Identity Access Management services.
- Provide a technical expertise to various application teams in Identity Access Management and governance, to include Single Sign On, MFA, Identity Federation, Lifecycle Management, Enterprise Directory architecture and design, and resource provisioning.
- Work with internal and external application support teams to extend the use of SPE’s enterprise Identity Access Management solutions via Okta platform.
- Identify and evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement.
- Understand complex business and information technology management processes.
- Responsible to install, integrate and deploy any Access Management solutions.
- Communicate to internal users and external partners aspects of both the IAM product and the implementation at the technical and functional level appropriate for the situation
- Work with the Identity Access Management team to continue making enhancement to the SPE’s on-going Identity Access Management program.
- Support efforts regarding audit findings, adherence to compliance and organizational change.
- Responsible for working to resolve Okta system issues escalated within the service level agreement.
- Bachelor’s degree or equivalent applied experience
- 8+ years of experience as an Identity Engineer/Architect or similar role
- 8+ Years of direct experience with large scale enterprise level Identity Access Management (IAM) build and engineering.
- 6+ years of experience with implementing SSO and MFA solutions.
- 5+ years in software development (experience developing web applications), preferably in an agile SaaS environment.
- Experience with designing, implementing, and maintaining an enterprise level Identity Access Management platform based on Okta.
- Experience in security and implementation of best practices such as least privilege, Privileged Access Management, passwordless authentication, etc.
- Experience with compliance including SOX.
- Experience with AWS IAM concepts including SSO, Directory Services, CM and other relevant technologies.
- Solid experience in analyzing logs and identifying problems with authentication and authorization.
- Proficient knowledge of Cloud and On-Prem Directory and Identity systems such as Active Directory, DNS, Azure AD, and relevant systems.
- Proficient knowledge of modern Authentication methods, standards and protocols such as Single Sign On SAML, Oauth, OpenID, Kerberos, LDAP, FIDO2, PIV, and other relevant mechanisms.
- Knowledge of emerging authentication technologies and protocols.
- Okta certified professional a plus.
- Critical thinking, strategic planning, and process management skills.
- Excellent written and verbal communication skills.
- Excellent presentation and group dynamics skills.
- Proven excellence in client/partner relationship management with other Sr. leaders in IT.
- Proactive at finding solutions to complex problems.
*Sony Pictures Entertainment is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, age, sexual orientation, gender identity, or other protected characteristics.
Sony Pictures is the powerhouse behind some of the world’s most beloved films and television. Peek behind the curtain and watch this video to see what it’s like to work with us.