Senior Identity Access Management (IAM) Engineer - Identity Governance
Dormont Manufacturing Co
Job Description
Cybersecurity – Sr. Analyst – Identity Governance Position Summary: This position will be a part of the Cyber Security team and requires a strong background in cybersecurity as well as foundational identity management technology and architecture. The Cybersecurity Sr.
Analyst (Identity Governance) will lead and support Identity Governance initiatives, including continuous operational maturity of our Identity Access Management and Identity Governance Programs. This includes implementation of an IGA platform, PAM, RBAC, enforcement of SOD, least privileged policies, MFA optimization, password‑less authentication, and Identity‑centric ZTNA. The role will directly support the Delinea PAM platform architecture and configuration, particularly the migration to Delinea’s SAAS platform to ensure Privileged Roles are managed according to ADI’s Policy and Standards and compliance with regulatory obligations (SOX, CMMC, TISAX, HIPAA, etc.).
This role will also focus on integration and alignment of identity governance into engineering, manufacturing environments and support our strategy for ZTNA enablement. Key Responsibilities Identity Governance: Design automations/workflows and manage IGA controls and platforms to support user provisioning, deprovisioning, access requests and UARs / access recertifications, implementing automation, streamlining end‑user experience and internal IT provisioning processes, utilizing AI for further efficiency where possible. Design, manage and mature RBAC to enforce least privilege access for users and devices, limiting exposure and minimizing risk of data breaches.
Develop, validate, and maintain detailed documentation on standard operating procedures, system configurations, and technical settings for IGA team technologies and processes. Investigate and respond to identity‑related incidents, violations and anomalous access behavior identified in IGA monitoring and reporting systems. Continuously monitor data access activity, identify potential security risks, and maintain a clear audit trail of data access events.
Work with IT, HR and other business partners to develop, refine, automate and streamline identity lifecycle processes (joiner/mover/leaver provisioning, de‑provisioning), establish birthright entitlement structures and mature identity verification processes. Collaborate across compliance and IT teams to align Identity Governance to ADI’s regulatory requirements (SOX, CMM, TISAX, HIPAA). Promote adherence to Information Security Policies and participate in ongoing updates to Policies as needed for alignment with IDAM technology roadmaps and capabilities and/or to address Information Security risks.
Monitor and remediate orphan accounts, access violations, and segregation of duties conflicts. Troubleshoot identity‑related issues and provide Tier 3 support for Cyber Identity‑related incidents. Automate workflows using PowerShell, Python, or similar scripting languages.
Participate in ongoing auditing and risk assessments, and implementation of audit recommendations. UARS – User Access Certifications: Manage all aspects of the User Access Review (UAR) process for the enterprise‑supported access program, plan and execute quarterly UARs for all systems in the program and mature automation around these processes. Ensure all evidence of authorization is documented and archived according to internal standards.
Identify and engage system partners across the company to ensure readiness and engagement for regular UARs. Produce and maintain data reporting, analysis, dashboards and scorecards supporting overall UAR health, execution, and closure. Collaborate with IT IAM leads and business managers to understand new business requirements and collaboratively design solutions that align with enterprise Policy & standards and industry best practices for identity security.
Privilege Access Management: Support the Delinea PAM platform architecture and configuration, migration to Delinea’s SAAS platform, and support for on‑prem instances in regulated Enclaves. Ensure Privileged Roles are managed according to ADI’s Policy and Standards and compliance with regulatory obligations (SOX, CMMC, TISAX, HIPAA). Support and refine technical PAM solutioning that aligns with enterprise architecture strategies, current state environment, business use cases, and proactively defend against evolving security risks.
Develop, validate, and maintain detailed documentation on standard operating procedures, system configurations, and technical settings for internal team use, end‑user support, and other business teams as needed. Stay current with emerging IAM, PAM and IGA technologies, industry security best practices and regulatory compliance changes which would introduce new identity‑specific control requirements. Required Qualifications Bachelor’s degree in Cybersecurity, Computer Science, or related field.
Minimum 7–9 years of experience, 10+ preferred, within IT, IAM or Cyber Security, with hands‑on experience in Identity and Access Management or related security roles. Minimum of 5 years working with common industry IGA solutions (SailPoint, Saviynt) including application onboarding, development and configurations of identity workflows and automations. Understanding of Privileged Access Management (PAM) and IAM Governance principles.
Knowledge of Active Directory, Microsoft Entra, LDAP, Redhat Identity solutions and SSO including deployment, administration, and troubleshooting. Hands‑on experience with IGA tools (SailPoint, Saviynt). Hands‑on experience with Privileged Access Management Solutions (particularly Delinea), including deployment, integrations, engineering, and adoption strategies for large‑scale enterprises, secrets key management on multi‑cloud environments (AWS/Azure), DevOps and orchestration platforms.
Strong understanding of identity lifecycle, RBAC, policy‑based access controls. Strong understanding of Active Directory, Azure AD/Entra, Group Policy and cloud identity models. Strong knowledge of Conditional Access policy configurations in AD/Entra, and MFA (DUO and Microsoft Authenticator).
Demonstrated expertise in leading strategic, organization‑wide identity and security initiatives; providing reports to executive stakeholders; and facilitating successful adoption. Knowledge of security frameworks (NIST, ISO 27001) and regulatory compliance requirements (SOX, CMMC, PCI, etc.). Proficiency in scripting and automation (PowerShell, Python).
Excellent problem‑solving and communication skills. Familiarity with principles of ZTNA, specifically identity verification methods, technologies and architectures, verifying each access attempt based on identity, location and device health. Experience with audits and compliance processes in highly regulated environments.
Preferred Qualifications Relevant certifications: CISSP, CISM, Microsoft Identity and Access Administrator, SailPoint Certified Engineer. Experience and/or knowledge of Zero Trust architecture. Soft Skills Strong analytical and troubleshooting abilities.
Ability to work collaboratively across teams. Detail‑oriented with a focus on security and compliance. Job Req Type: Experienced Required Travel: Yes, 10% of the time Shift Type: 1st Shift/Days For positions requiring access to technical data, Analog Devices, Inc. may have to obtain export licensing approval from the U.S.
Department of Commerce – Bureau of Industry and Security and/or the U.S. Department of State – Directorate of Defense Trade Controls. As such, applicants for this position – except U.S.
Citizens, U.S. Permanent Residents, and protected individuals as defined by 8 U.S.C. 1324b(a)(3) – may have to go through an export licensing review process. Analog Devices is an equal opportunity employer.
We foster a culture where everyone has an opportunity to succeed regardless of race, color, religion, age, ancestry, national origin, social or ethnic origin, sex, sexual orientation, gender, gender identity, gender expression, marital status, pregnancy, parental status, disability, medical condition, genetic information, military or veteran status, union membership, and political affiliation, or any other legally protected group. #J-18808-Ljbffr