At Barings, we are as invested in our associates as we are in our clients. We recognize those who work diligently for us and reward them for personal and professional integrity, communication skills, distinct competencies and expertise in specific strategies, ability to collaborate as a team member and true dedication to the interests of our clients.
We thank you for your interest in joining the Barings team, and invite you to explore our current employment opportunities.
Title: Identity and Access Management Engineer
Location: Charlotte, NC
Overall Purpose of Role
Provide IAM engineering support around design and implementation for the Identity and Authentication, DevSecOps, and Cloud Infrastructure teams. Support Barings SSO platform to enable a secure and enhanced authentication experience for internal and external user accounts. Knowledge and experience with information security and authorization and authentication systems. Experience working on Identity and Access Management software and concepts. Understand, participate, review, and influence long term capacity planning and technology investments within the Identity and Access Management technologies.
Principal Responsibilities
Administration of security and logical access control processes.
- Assist with the implementation and maintenance of IAM processes and their lifecycle.
- Implementation and enhancements of Cloud Privileged Identity Management and JIT\JEA workflows
- Implementation and enhancements to the overall authorization and authentication protocols within the Barings environment
- Work with our IAM and Infrastructure teams to manage and reduce interruptions to authentication and authorization services, resolve underlying and recurring problems, and work with our IT suppliers to get the best service for Barings
- Review, design and implement long term strategies related to authentication and authorization to increase user experience while reducing risk across the landscape
- Streamlining and improving user experiences
- Implementing and maintaining technologies to ensure audit and privacy compliance
- Implement and support Azure role-based access control (RBAC) managing administrative access to Azure resources
- Review recommended designs from Azure Cloud application and infrastructure teams
Desired Skills
- Experience within the industry standard SSO technologies and protocols (OAuth, FIDO, SCIM, LDAP, SAML)
- Experience around Identity and Authentication solutions such as Okta, Auth0, Active Directory or Azure AD
- Knowledge of federated identity management capabilities
- Holistic view of IAM (Authentication and Authorization Data, Endpoint Security, Network Security, Policy Engine)
- Ability to utilize various programming or scripting languages such as JavaScript, HTML and PowerShell
- Advanced knowledge of directory services (e.g., Microsoft Active Directory)
- Experience with deployments and integration of IAM solutions within the cloud (Azure)
- Strong working knowledge of security best practices for Microsoft Azure and other cloud technologies.
- Experience with Azure Active Directory, Conditional Access Policies, and third-party single sign-on technologies.
- Experience with Azure Landing Pages, RBAC and PowerShell scripting.
- Understanding of Azure CSP identity & identity governance (IAM & IGM) models
- Understanding of Azure CSP asset/resource IAM models (SQL, API etc)
- Effective communication skills and motivation/willingness to learn
- Ability to transfer best-practise platform capabilities to operationally stable & effective solutions
- Ability to manage projects & deliverables without material support from line management;
Continuous Process Improvement
- Develop and review current working practices, policies, procedures and standards in light of customer demand, regulatory requirements.
Additional tasks
- Demonstrate a commitment to lifelong learning.
- Fulfil additional, relevant, tasks appropriate to the role and business demands.
Education/Certification preferred
- Bachelor's degree in Information Technology or related field
- CISSP/Security+/SANS certifications
- Minimum five years proven information security experience or related area
#LI-KW1
Barings is an Equal Employment Opportunity employer; Minority/Female/Age/Sexual Orientation/Gender Identity/Individual with Disability/Protected Veteran. We welcome all persons to apply.
Barings offers a comprehensive benefits package including:
CORE BENEFITS & WELLNESS
- Medical (including Virtual Care), Prescription, Dental, and Vision Coverage
- Fitness Center Reimbursement Program (Including Online Memberships)
- Employee Assistance Program (EAP)
- Fertility Benefits
FINANCIAL WELL-BEING
- Highly competitive 401(k) Plan with Company Match
- Health Savings Account (HSA) with Company Contributions
- Flexible Spending Accounts (FSA) - Health Care & Dependent Care
- Retirement Health Reimbursement Account
LIFE INSURANCE
- Basic and Supplemental Life Insurance
- Spouse and Child Life Insurance
TIME OFF, DISABILITY AND LEAVE OF ABSENCE
- Paid Vacation, Sick Days and Annual Holidays
- Paid Leave of Absences (Maternity Leave, Parental Leave, Caregiver Leave, Bereavement Time)
- Short and Long Term Disability Plans
- Paid Volunteer Time
OTHER BENEFITS
- Education Assistance Program
- Charitable Matching Gifts Program
- Commuter Reimbursement Program
- Adoption and Surrogacy Reimbursement Program
Top Skills
What We Do
Barings is a $382+ billion* global investment manager sourcing differentiated opportunities and building long-term portfolios across public and private fixed income, real estate, and specialist equity markets. With investment professionals based in North America, Europe and Asia Pacific, the firm, a subsidiary of MassMutual, aims to serve its clients, communities and employees, and is committed to sustainable practices and responsible investment. *Assets under management as of 6/30/21