IT Security Engineer - IAM
Charlotte, North Carolina (NC), US
Building the people that build the world.
With platforms in HVAC and Detection and Measurement, SPX Technologies builds innovative solutions that enable a safer, more efficient, sustainable world. Through our RiSE talent development framework, we Reach, Identify, Strengthen, and Engage our employees to support them in their continued development. We’re a global company of problem solvers, collaborators, and innovators, and our businesses build solutions that impact the world.
How you will make an Impact (Job Summary)
SPX is a diverse team of unique individuals who all make an impact. As an Information Security Engineer, IAM (Identity and Access Management) you will be responsible for designing, implementing, and maintaining our secure authentication and authorization services to support SPX business goals ensuring seamless and efficient access management across our systems.
This high-profile role requires broad technical expertise, business experience, and the ability to clearly and effectively communicate complex security topics to SPX personnel.
The primary goal of this role is to ensure the proper function of SPX Identity and Access Systems security technologies on a day-to-day basis.
What you can expect in this role (Job Responsibilities)
While each day brings new opportunities at SPX, your core responsibilities will be:
- Design and Implement:
- Participate in architectural reviews of applications and technologies, both on premise and cloud based, related to identity and authentication.
- Design implementation of identity provisioning (e.g. HR as master) authentication and privileged access to support compliance with security policies.
- Implement SSO Integrations including configuration, customization, and integration with various applications and services (e.g. SCIM provision).
- Evaluate existing Authentication Services and Privileged Access. infrastructure and identify potential enhancements to optimize service performance, security, and scalability.
- Support penetration testing and development of remediation strategies
- Support M&A assessment, remediation and integration activities
- Author technical documents to define architecture and configuration, including processes and instructions to manage and support services
- Operate and Support:
- Perform administration, management and support (provisioning/deprovisioning, patching, troubleshooting, Group Policies, backup/recovery, upgrades) of Identity and Authentication services and technologies to provide availability within agreed SLAs
- Implement Identity & Access changes to meet project and operational requirements following change management process to mitigate risk of service disruption
- Manage digital certificates (public certificates, workstations, self service, automation)
- Administer Privileged Access Management (just in time PAM, administrator MFA, password/key management/rotation)
- Process service desk tickets (incidents, requests, problems) to meet defined SLAs. Perform RCA (Root Cause Analysis) and prevent same incidents from occuring again
- Support internal/external auditing activities
What we are looking for (Experience, Knowledge, Skills, Abilities, Education)
We each bring something to the table, and we are looking for someone who has:
Required Experience
- 5+ years technical IT experience in systems, networks, enterprise applications
- 3+ years of experience in security-related position in corporate IT environment
- 3+ years of hands-on experience integrating applications using industry standards such as SAML/OIDC/OAuth/SCIM/Kerberos/LDAP using Active Directory and Identity-as-a-Service solutions (preferred experience).
- Advanced working knowledge of Information Security technologies including Active Directory (Schema, OU design, replication, DC backup/restore) IDaaS ( MFA/SSO, SAML), SSL/TLS (key use, management), Digital Certificates (PKI), PAM (Privileged Access Management).
- Strong understanding of system level configuration management, general server administration, authentication technologies, network services/protocols and Applications (including Web and mobile).
- Understanding of access management concepts, on premise and cloud applications, especially Microsoft Windows Active Directory (security, groups, role membership)
Preferred Knowledge, Skills, and Abilities
- Expertise on authentication systems, Office 365, Azure, security hardening (CIS)
- Knowledge of Powershell Scripting and Group Policy (GPO) for Task Automation
- Excellent problem-solving abilities and analytical thinking
- Strong ability to handle multiple demands with sense of urgency and initiative
- Proven ability to execute projects independently and collaborate effectively with relevant stakeholders to achieve project/task completion.
- Excellent communication skills, both verbal and written
Education & Certifications
- Bachelor’s degree in Information Technology or related field or the recognized equivalent in work experience or self-study (required)
- Microsoft Certification on Active Directory (MCSA, MCSE, MCITP:EA) (preferred)
- CISSP Certification (preferred)
- CompTIA Security+ (preferred)
Travel & Working Environment
- Travel up to 10%
How we live our culture
Our culture is at the center of what we do and, more importantly, who we are. Our core values set a standard for how we manage ourselves, and our Leadership Model sets the standard for how we engage with each other. Whether you are an individual contributor or you lead a large team, each of us leads at SPX.
What benefits do we offer?
We know that the well-being of our employees is integral. Our benefits include:
- Generous and flexible paid time off including paid personal time off, caregiver, parental, and volunteer leave
- Competitive health insurance plans and 401(k) match, with benefits starting day one
- Competitive and performance-based compensation packages and bonus plans
- Educational assistance, leadership development programs, and recognition programs
Our commitment to embrace diversity to build a culture of inclusion at SPX
We value different backgrounds, experiences, and voices at SPX, and we are committed to challenging ourselves, openly communicating, and striving to improve every day. We believe in creating an inclusive work environment where everyone has a voice and is encouraged to realize their fullest potential.
SPX is an affirmative action and equal opportunity employer committed to making selection decisions without regard to race, color, religion, sex, sexual orientation or identity, national origin, age, disability, veteran status, or any other legally protected basis.