AAA
External candidates: In order for your application to be correctly processed please sign-in before you apply
Internal candidates: Please go to Workday and click “Find Jobs” link under Career
Thank you for considering opportunities with us!
Job Title IAM Directory Services Engineer – Remote
Requisition Number R6739 IAM Directory Services Engineer – Remote (Open)
Location Glendale, Arizona
Additional Locations Alabama – Home Teleworkers, Alabama – Home Teleworkers, Arkansas – Home Teleworkers, Colorado – Home Teleworkers, Connecticut – Home Teleworkers, Delaware – Home Teleworker, District of Columbia – Home Teleworkers, Florida – Home Teleworkers, Georgia – Home Teleworkers, Idaho – Home Teleworkers, Illinois – Home Teleworkers, Indiana – Home Teleworkers, Iowa – Home Teleworkers, Kansas – Home Teleworker, Kentucky – Home Teleworkers, Louisiana – Home Teleworkers, Maine Home Teleworkers, Maryland – Home Teleworkers, Massachusetts – Home Teleworkers, Michigan – Home Teleworkers, Minnesota – Home Teleworkers, Mississippi – Home Teleworker, Missouri – Home Teleworker, Montana – Home Teleworkers, Nebraska – Home Teleworkers {+ 19 more}
Job Information
CSAA Insurance Group (CSAA IG), a AAA insurer, is one of the top personal lines property and casualty insurance groups in the U.S. Our employees proudly live our core beliefs and fulfill our enduring purpose to help members prevent, prepare for and recover from life’s uncertainties, and we’re proud of the culture we create together. As we commit to progress over perfection, we recognize that every day is an opportunity to be innovative and adaptable. At CSAA IG, we hire good people for a brighter tomorrow. We are actively hiring for am IAM Directory Services Engineer – Remote! Join us and support CSAA IG in achieving our goals.
Your Role:
We are seeking a highly skilled Directory Services IAM Engineer to join our dynamic Information Security team. The ideal candidate will have demonstrable experience with Azure and on-premises Active Directory, and a strong operational and architectural mindset. Experience with CyberArk, Okta, and SailPoint is highly desirable.
Your Work:
Directory Services:
Manage and maintain the organization’s Microsoft Entra ID and on-premises Active Directory environments.
Ensure optimal performance, availability, and security of directory services.
Conduct regular audits of directory services to ensure compliance with security policies and standards.
Monitor and resolve directory services issues to provide timely resolutions.
IAM Architecture and Design:
Develop and implement IAM strategies that align with organizational goals and regulatory requirements.
Design and implement scalable IAM solutions that meet business needs and security requirements.
Collaborate with multi-functional teams to integrate IAM solutions with other IT systems and applications.
Evaluate and recommend new IAM technologies and tools to enhance security and operational efficiency.
Privileged Access Management:
Implement and administer CyberArk for privileged access management.
Monitor and manage privileged access to ensure security and compliance.
Single Sign-On and Multi-Factor Authentication:
Configure and manage Okta for Single Sign-On (SSO) and Multi-Factor Authentication (MFA) solutions.
Ensure seamless integration and functionality of SSO and MFA across the organization.
Experience migrating identity providers would be a plus.
Security and Compliance:
Ensure IAM practices align with relevant regulations and standards, including PCI-DSS, MAR, SOC etc.
Develop and maintain IAM policies, procedures, and documentation.
Conduct risk assessments and implement mitigation strategies to protect against IAM-related threats.
Collaboration and Support:
Provide expert mentorship and support to IT and security teams on IAM-related issues.
Work closely with application owners, system administrators, and other stakeholders to ensure seamless IAM integration.
Participate in incident response activities related to IAM incidents and vulnerabilities.
Technical Skills:
In-depth knowledge of IAM concepts, technologies, and best practices.
Strong understanding of directory services, authentication protocols, and identity federation.
Experience with IAM architecture design and implementation.
Proficiency in scripting languages such as PowerShell, Python, or similar.
Soft Skills:
Must be a self-starter.
Excellent problem-solving and analytical skills.
Strong communication and interpersonal skills.
Ability to work independently and as part of a team.
Detail-oriented with a commitment to excellence.
Required Experience, Education and Skills:
Bachelor’s or equivalent experience in Computer Science, Information Systems, or other related field
6+ years of relevant experience with a minimum of 5 years of experience in IAM engineering or a related role.
Extensive experience with Microsoft Entra ID and on-premises Active Directory.
Experience with CyberArk, Okta, and SailPoint is highly desirable.
Knowledge of security issues, techniques, and implications across all existing computer platforms.
Expertise in account management, password auditing, network based and Web application-based vulnerability scanning, virus management and intrusion detection.
Technical expertise in systems administration and security tools, combined with the knowledge of security practices and procedures.
Able to work with a changing schedule that includes standard or non-standard business hours of work.
What would make us excited about you?
Actively shapes our company culture (e.g., participating in employee resource groups, volunteering, etc.
Lives into cultural norms (e.g., willing to have cameras when it matters: helping onboard new team members, building relationships, etc.)
Travels as needed for role, including divisional / team meetings and other in-person meetings
Fulfills business needs, which may include investing extra time, helping other teams, etc.
CSAA IG Careers
At CSAA IG, we’re proudly devoted to protecting our customers, our employees, our communities, and the world at large. We are on a climate journey to continue to do better for our people, our business, and our planet. Taking bold action and leading by example. We are citizens for a changing world, and we continually change to meet it.
Join us if you…
BELIEVE in a mission focused on building a community of service, rooted in inclusion and belonging.
COMMIT to being there for our customers and employees.
CREATE a sense of purpose that serves the greater good through innovation.
Recognition: We offer a total compensation package, performance bonus, 401(k) with a company match, and so much more! Read more about what we offer and what it is like to be a part of our dynamic team at
In most cases, you will have the opportunity to choose your preferred working location from the following options when you join CSAA IG: remote, hybrid, or in-person. Submit your application to be considered. We communicate via email, so check your inbox and/or your spam folder to ensure you don’t miss important updates from us.
If a reasonable accommodation is needed to participate in the job application or interview process, please contact [email protected]
As part of our values, we are committed to supporting inclusion and diversity at CSAA IG. We actively celebrate colleagues’ different abilities, sexual orientation, ethnicity, and gender. Everyone is welcome and supported in their development at all stages in their journey with us.
We are always recruiting, retaining, and promoting a diverse mix of colleagues who are representative of the U.S. workforce. The diversity of our team fosters a broad range of ideas and enables us to design and deliver a wide array of products to meet customers’ evolving needs.
CSAA Insurance Group is an equal opportunity employer.
The national average salary range for this position is $122,850-$136,500. However, we have a location-based compensation structure. Our salary ranges vary and are calculated based on county of residence. The full salary range for this position across all the states we hire in is $110,500-$164,000 This role also includes an opportunity for a company-wide annual discretionary bonus, through our Annual Incentive Plan (AIP), of up to 10% of eligible pay.
If you apply and are selected to continue in the recruiting process, we will schedule a preliminary call with you to discuss the role and will disclose during that call the available salary/hourly rate range based on your location. Factors used to determine the actual salary offered may include location, experience, or education.
Must have authorization to work indefinitely in the US.
Please note we are hiring for this role remote anywhere in the United States with the following exceptions: Hawaii and Alaska.
#LI-PD
.
AAA
You must sign in to apply for this position.