
Staff Security Operations Engineer (Imprivata OneSign)
Sandisk
Posted about 14 hours ago
Job Description
This role is primarily focused on the support, administration, and operational ownership of the Imprivata OneSign platform. The Staff Security Operations Engineer serves as the day-to-day technical lead for Imprivata OneSign, ensuring its availability, reliability, and security across the organization. Supporting identity and access management technologies - multi-factor authentication (Duo MFA and Windows Hello for Business), mobile device management, and Active Directory / Entra ID - make up the secondary scope of the role.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
- Imprivata OneSign Support (Primary Focus):
- Serve as the primary administrator and operational owner of the Imprivata OneSign platform.
- Lead and support the implementation, configuration, and ongoing maintenance of Imprivata OneSign.
- Provide day-to-day operational support, including monitoring platform health, troubleshooting issues, and managing escalations related to authentication, single sign-on, and access workflows.
- Configure, enforce, and troubleshoot Imprivata OneSign policies across diverse applications, endpoints, and systems.
- Act as the technical escalation point for all Imprivata OneSign incidents, working with vendors and internal teams to identify root causes and implement durable solutions.
- Maintain documentation, runbooks, and operational procedures for the Imprivata OneSign environment.
- Multi-Factor Authentication (MFA) Management (Secondary Focus):
- Administer and manage the organization’s MFA platforms, including Duo MFA and Windows Hello for Business.
- Implement and enforce MFA policies across the organization, ensuring integration with various applications and systems.
- Monitor MFA performance, troubleshoot issues, and handle escalations related to authentication failures or policy violations.
- Mobile Device Management (MDM) (Secondary Focus):
- Support the administration of the Intune platform security, Conditional Access and Compliance, and RBAC/PIM/MAA Governance.
- Work with IT teams to ensure all mobile devices comply with organizational security policies and access controls.
- Active Directory (AD) and Azure AD (Entra ID) (Secondary Focus):
- Provide support for Active Directory, managing user accounts, group policies, and organizational units.
- Assist with synchronization between on-premises AD and Azure AD using Azure AD Connect, ensuring seamless hybrid identity integration.
- Troubleshoot and resolve issues related to AD/AAD authentication and access provisioning.
- IAM Process Optimization:
- Continuously evaluate and improve IAM processes related to Imprivata OneSign, MFA, and AD to enhance security and user experience.
- Automate routine identity management tasks and workflows to increase efficiency and reduce manual errors.
- Incident Response and Troubleshooting:
- Act as the technical escalation point for identity-related incidents involving Imprivata OneSign, Duo MFA, Windows Hello for Business, and other IAM systems.
- Investigate, troubleshoot, and resolve IAM issues, working closely with other teams to identify root causes and implement solutions.
- Compliance and Reporting:
- Ensure IAM solutions meet compliance requirements such as SOX, etc.
- Generate reports for auditing purposes and provide insights into the security posture of identity systems.
- Collaboration and Documentation:
- Collaborate with security, IT, and compliance teams to define and implement identity governance frameworks.
- Develop and maintain comprehensive documentation for all IAM solutions, policies, and procedures.
- Training and Knowledge Sharing:
- Provide training to end-users and technical staff on IAM best practices, focusing on Imprivata OneSign, MFA, and other key services.
- Stay up-to-date with industry trends and emerging technologies to continuously enhance the organization’s IAM capabilities.
Professional Attributes
- Leadership: Demonstrated ability to assist in leading cross-functional teams and manage technical resources, driving projects and solutions to successful completion.
- Problem-Solving: Strong analytical and troubleshooting skills with a proactive approach to identifying and resolving issues within complex identity and directory environments.
- Analytical Skills: Ability to analyze complex IAM issues and apply logical troubleshooting techniques to resolve identity-related problems.
- Attention to Detail: High accuracy and attention to detail in managing identity policies, systems configurations, and security protocols.
- Communication: Strong communication skills to collaborate with technical and non-technical stakeholders across the organization.
- Team Player: Ability to work effectively as part of a cross-functional team, with a focus on supporting the broader IAM strategy.
- Customer Focused: Demonstrated ability to deliver excellent service to internal and external stakeholders, focusing on user experience without compromising security.
- Adaptability: Ability to quickly learn and adapt to new tools, technologies, and security practices in a dynamic IT environment.
Qualifications
Required:
- Imprivata OneSign (Primary):
- Hands-on experience administering and managing Imprivata OneSign or a comparable enterprise single sign-on / authentication platform.
- Ability to configure, enforce, and troubleshoot Imprivata OneSign policies across diverse applications and systems.
- Experience providing operational support, incident response, and lifecycle management for an Imprivata OneSign environment.
- Multi-Factor Authentication (MFA):
- Experience administering and managing Duo MFA and Windows Hello for Business, or similar authentication platforms.
- Ability to configure, enforce, and troubleshoot MFA policies across diverse applications and systems.
- Mobile Device Management (MDM):
- Knowledge of MS Intune platforms and their integration with IAM systems for device security and policy enforcement.
- Experience managing mobile devices in an enterprise setting, focusing on compliance and access control.
- Active Directory (AD) and Azure AD (Entra ID):
- Experience managing user accounts, group policies, and organizational units in Active Directory.
- Familiarity with hybrid identity environments using Azure AD and Azure AD Connect for synchronization between on-prem and cloud identities.
- PowerShell Scripting:
- Basic PowerShell scripting skills to automate tasks related to identity management, such as user provisioning, reporting, and troubleshooting.
- SIEM and Auditing Tools:
- Familiarity with security information and event management (SIEM) tools for monitoring identity-related logs and events.
- Experience generating audit reports for compliance purposes.
Programming and Tools
- Scripting and Programming Languages:
- PowerShell: Proficiency in using PowerShell to automate identity tasks, generate reports, and troubleshoot issues.
- Python (optional): Familiarity with Python for advanced IAM automation and integration tasks.
- IAM and Directory Tools:
- Imprivata OneSign: Expertise in configuring, administering, and maintaining Imprivata OneSign for secure single sign-on and authentication.
- Duo MFA & Windows Hello for Business: Expertise in configuring and maintaining Duo MFA and Windows Hello for Business for secure multi-factor authentication.
- Azure AD Connect: Experience with synchronization between on-prem AD and Azure AD for seamless hybrid identity management.
- MDM Platforms:
- Experience with leading MDM tools such as Microsoft Intune, ArborXR, or equivalent for mobile device management and security.
- Monitoring and Logging:
- Familiarity with SIEM platforms (e.g., Devo) for monitoring and auditing identity events and security logs.
Preferred:
- Experience:
- 6+ years of experience in IT or Information Security, with a focus on identity and access management.
- 3+ years of direct, hands-on experience administering and supporting Imprivata OneSign.
- Experience working with Duo MFA, Windows Hello for Business, Microsoft Intune, Active Directory, and Azure AD (Entra ID).
- Education:
- BA or BS in Information Technology, Computer Science, Information Security, or a related field. Equivalent hands-on experience in IAM may be considered in lieu of a degree.
- Relevant certifications such as Imprivata certifications, Microsoft Certified: Identity and Access Administrator, Certified Information Systems Security Professional (CISSP), or DUO Security Administrator are desirable.
Language
- English proficiency in both speaking and writing.
Logistics
- Primary work in a general and/or home office environment.
- Willing to be 24 x 7 on call.
- Willing to perform work functions cross time zones to support Asia coverage needs.
Additional Information
Sandisk thrives on the power and potential of diversity. As a global company, we believe the most effective way to embrace the diversity of our customers and communities is to mirror it from within. We believe the fusion of various perspectives results in the best outcomes for our employees, our company, our customers, and the world around us. We are committed to an inclusive environment where every individual can thrive through a sense of belonging, respect and contribution.
Sandisk is committed to offering opportunities to applicants with disabilities and ensuring all candidates can successfully navigate our careers website and our hiring process. Please contact us at jobs.accommodations@sandisk.com to advise us of your accommodation request.
Job details
Jobr Assistant extension
Get the extension →