Principal Engineer – Identity Access Management is responsible for the design, engineering, and operations of the enterprise authentication and authorization capabilities within SPE’s (Sony Pictures Entertainment) enterprise Identity Access Management platform and services.

The primary responsibilities of this position are to support SPE’s in-house developed application IAM Single Sign On (SSO) integration, support of SaaS SSO integration, Identity Federation services, Access Management services, Directory services, and Multi-Factor Authentication (MFA).

This role will be responsible for providing ongoing support, request fulfillment of the SPE’s IAM platform services, and provide escalation and support to internal application teams and IAM team members. This role also focuses on analyzing emerging authentication technologies to design and implement secure, intuitive, scalable, and reliable Access Management solutions that support SPE’s both internal and external users.

This role must have experience with Okta Identity Management platform.

Core Responsibilities

• Design, develop and maintain a comprehensive SPE’s IDaaS solution based on the Okta Workforce Identity Platform.
• Develop detailed architecture, standards, design, and implementation documentation.
• Participate in or lead troubleshooting and incident resolution of complex high severity incidents.
• Plan and manage project tasks, schedules, and resources related to Identity Access Management services.
• Provide a technical expertise to various application teams in Identity Access Management and governance, to include Single Sign On, MFA, Identity Federation, Lifecycle Management, Enterprise Directory architecture and design, and resource provisioning.
• Work with internal and external application support teams to extend the use of SPE’s enterprise Identity Access Management solutions via Okta platform.
• Identify and evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement.
• Understand complex business and information technology management processes.
• Responsible to install, integrate and deploy any Access Management solutions.
• Communicate to internal users and external partners aspects of both the IAM product and the implementation at the technical and functional level appropriate for the situation
• Work with the Identity Access Management team to continue making enhancement to the SPE’s on-going Identity Access Management program.
• Support efforts regarding audit findings, adherence to compliance and organizational change.
• Responsible for working to resolve Okta system issues escalated within the service level agreement.

Qualifications

• Bachelor’s degree or equivalent applied experience
• 8+ years of experience as an Identity Engineer/Architect or similar role
• 8+ Years of direct experience with large scale enterprise level Identity Access Management (IAM) build and engineering.
• 6+ years of experience with implementing SSO and MFA solutions.
• 5+ years in software development (experience developing web applications), preferably in an agile SaaS environment.
• Experience with designing, implementing, and maintaining an enterprise level Identity Access Management platform based on Okta.
• Experience in security and implementation of best practices such as least privilege, Privileged Access Management, passwordless authentication, etc.
• Experience with compliance including SOX.
• Experience with AWS IAM concepts including SSO, Directory Services, CM and other relevant technologies.
• Solid experience in analyzing logs and identifying problems with authentication and authorization.
• Proficient knowledge of Cloud and On-Prem Directory and Identity systems such as Active Directory, DNS, Azure AD, and relevant systems.
• Proficient knowledge of modern Authentication methods, standards and protocols such as Single Sign On SAML, Oauth, OpenID, Kerberos, LDAP, FIDO2, PIV, and other relevant mechanisms.
• Knowledge of emerging authentication technologies and protocols.
• Okta certified professional a plus.
• Critical thinking, strategic planning, and process management skills.
• Excellent written and verbal communication skills.
• Excellent presentation and group dynamics skills.
• Proven excellence in client/partner relationship management with other Sr. leaders in IT.

• Proactive at finding solutions to complex problems.

The anticipated base salary for this position is $115,000-$154,000. This role may also qualify for annual incentive and/or comprehensive benefits. The actual base salary offered will depend on a variety of factors, including without limitation, the qualifications of the individual applicant for the position, years of relevant experience, level of education attained, certifications or other professional licenses held, and if applicable, the location of the position.
*Sony Pictures Entertainment is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, age, sexual orientation, gender identity, or other protected characteristics.