Employer: UnitedHealth Group
job description:
Combine two of the fastest-growing fields on the planet with a culture of performance, collaboration and opportunity and this is what you get. Leading-edge technology in an industry that’s improving the lives of millions. Here, innovation isn’t about another gadget, it’s about making health care data available wherever and whenever people need it, safely and reliably. There’s no room for error. Join us and start doing your life’s best work.(sm)
You’ll enjoy the flexibility to telecommute* from anywhere within the U.S. as you take on some tough challenges.
IAM Cloud Engineering (ICE) team provides support for Microsoft’s Cloud-based Identity and access management service, Azure Active Directory (AAD). Azure AD provides support for variety of User Personas including (B2E), Business to Employee, Azure AD support for Developers, (B2B) – Business to Business with Guest/External Partners including NIE/AEs and upcoming (B2C) frameworks. Azure AD is the Cloud IDP of choice that provides authentication and authorization services for Hybrid & Cloud born identities, Microsoft 365 Applications, SaaS Applications, workstations and Cloud servers, and other third-party cloud platforms. The ICE team manages and supports the organization with the adoption of the below services to support our mission of making Cloud First a world class experience for everyone.
As a Cloud Principal Engineer, your primary focus will be on IAM engineering activities for Azure AD & Cloud DevOps/Operational Support; implement and enforce IAM controls for applications migrating to or already deployed in Gov clouds (Azure Gov Cloud). You will work with IAM segment leads, IAM architecture team, IaaS/Cloud Engineering and CI/CD teams to identify and leverage the best practices for IAM controls implementation.
Primary Responsibilities:
- Identify and establish the necessary structures, roles & responsibilities required within the Cloud IAM & DevOps teams
- Serve as subject matter expert on multiple public Cloud IAM technologies / solutions
- Collaborate with EIS, Cloud Application Engineering & IAM Operational support teams on Cloud IAM services and controls
- Implement the cloud security best practices and Support the Cloud IAM Roadmap and implementation of enterprise wide IAM policies across the platform
- Define the IAM cloud centric measures and performance metrics to track the effectiveness of the services and enforcement of controls
- Manage the automation of cloud components using Infrastructure-as-Code (IaC) principles within a CI/CD pipeline
- Create/enhance automation scripts, CICD pipelines to implement IAM roles, policy bindings in the AZURE public/Gov clouds env
- Work on automation using CICD/Jenkins pipelines, Terraform scripts for IAM infrastructure setup and capabilities deployment
- Support public cloud (Azure) hosted applications and infrastructure services by maintaining and enforcing IAM policies and procedures
- Work on any escalation for IAM issues within public cloud platforms (Azure)
- Identify gaps and recommend solutions to improve operational efficiencies across IAM processes and patterns
You’ll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in.
Required Qualifications:
- Undergraduate degree or equivalent experience
- 10+ years of working experience in:
- Public Cloud Platforms (Azure, AWS) with focus on Azure AD IAM (Identity and access management) concepts and security frameworks
- Directory services, multi-factor authentication, user provisioning, privileged access management, single sign-on, federation technologies and protocols such as SAML, OAuth, OIDC etc.
- Cloud IAM functionality across multiple public cloud services (IAM Roles, Permissions and Policies)
- Infrastructure and application deployment automation experience using Terraform and Jenkins to public clouds
- Solid understanding of DevOps, Automation with CICD pipelines
- Automating system administration tasks, deployments, and other repeatable tasks
- Python and Scripting languages
Preferred Qualifications:
- Government Clearance
- Technical or security certifications (Azure certifications, CISSP)