Regions Financial Corporation
Identity and Access Management Engineer - Hashicorp Vault and Cloud
Regions Financial Corporation, Nashville, North Carolina, United States, 27856
Thank you for your interest in a career at Regions. At Regions, we believe associates deserve more than just a job. We believe in offering performance-driven individuals a place where they can build a career --- a place to expect more opportunities. If you are focused on results, dedicated to quality, strength and integrity, and possess the drive to succeed, then we are your employer of choice.Regions is dedicated to taking appropriate steps to safeguard and protect private and personally identifiable information you submit. The information that you submit will be collected and reviewed by associates, consultants, and vendors of Regions in order to evaluate your qualifications and experience for job opportunities and will not be used for marketing purposes, sold, or shared outside of Regions unless required by law.Job Description:
At Regions, the Identity and Access Management (IAM) Engineer is responsible for working cross-functionally across the organization with business and IT partners, as well as external service partners to deliver the Identity Governance and Administration (IGA) capabilities across Regions. This role includes role-based access controls (RBAC), attribute-based access controls (ABAC), access review/certification, automated provisioning and de-provisioning, and access requests.Primary ResponsibilitiesDesigns, develops, tests, implements, and integrates Identity and Access Management (IAM) systems and solutionsEnsures that solutions protect information resources against unauthorized use, inappropriate degrees of access, disclosure, damage and/or lossAnalyzes and maintains data to ensure projects deliver on timeEnsures the maintenance, patching, operating, and monitoring of IAM systemsSupports and resolves system incidents, problems and changesDesigns and implements reusable strategies, decisions, service components, libraries and frameworks to support enterprise-level IAM servicesOnboards new applications and creates custom workflows, rules, and reports based on business requirementsCreates and analyzes documentation of process, guidelines, standards, technical specifications, as well as drawing network & system architecture diagramsLeverages bash scripting to maintain the night processing scriptMeets and encourages project teams to communicate project status, development issues/roadblocks, and requirements feasibilityThis position is exempt from timekeeping requirements under the Fair Labor Standards Act and is not eligible for overtime pay.RequirementsBachelor's degree and six (6) years of experience in a related fieldPreferencesAdvanced understanding of UNIX security, as it relates to user access and provisioningExperience with Agile methodology and SDLC concepts/tools (Git, Atlassian stack)Experience with Linux/Unix, Windows, scripting (with programming languages such as Bash, PowerShell, or Perl), SQL, LDAP, and web servicesExperience with one or more programming languages such as Java, C#, C/C++, Python, or JavaScriptExperience with role-based access controls and configuring automated provisioning and deprovisioningExperience with SailPoint (version 7.0 or later) or another IGA/IAM platformRecognized security industry certifications (CISSP, CIAM, etc.)Technical experience in systems integration or software engineering of identity and access management (IAM) solutions (such as BeyondTrust, CyberArk, AWS, Duo, OIM, Ping Identity, RadiantLogic, SailPoint, Okta, Active Directory, RACF)Skills and CompetenciesDemonstrated ability to multi-task, to be self-initiated, and work independentlyExcellent customer service and interpersonal skillsExcellent time management skillsExcellent organizational, research, analytical and/or problem-solving skills to evaluate situations, make recommendations, and take effective actionKnowledge and skill in technical problem resolutionStrong attention to detail and outstanding analytical skillsStrong written and verbal communication skillsStrong Hashicorp Vault experience is a must
Installing and configuring VaultManaging Vault Server clustersManaging access in Vault (auth methods, policies, MFA, etc.)Managing Secrets in VaultManaging Secrets EnginesIntegrating Vault in CI/CD PipelinesExperience with scripting (bash, Python, HCL)
Experience with GitHubExperience with AWS and Azure cloud services, such as:
AWS Application Load BalancerAWS EC2AWS Key Management ServiceAWS Secrets ManagerAWS Certificate ManagerAWS S3Azure Storage AccountsAzure Log Analytics WorkspacesAzure Application Gateway and/or Load BalancerAzure Bastion service/AWS SSMAzure Key VaultAzure VM Scale Sets/Virtual MachinesAzure Managed DisksAzure Disk Encryption Sets
Experience using Terraform providers for AWS, Azure, and HashiCorp VaultFamiliarity with WizExperience with remediating vulnerabilities in AWS, Azure and on-prem environmentsWorking knowledge of Red Hat and Amazon LinuxThis position must be within a reasonable driving distance to a Branch, Consumer Operations, or Professional Office Building with the primary location being Birmingham, AL, Nashville, TN, Atlanta, GA or Charlotte, NC. Regions will not provide relocation assistance for this position, and relocation would be at your expense. Exceptions to the geographic location requirement may be made for current Regions associates who work remotely.Position TypeFull timeCompensation DetailsPay ranges are job specific and are provided as a point-of-market reference for compensation decisions. Other factors which directly impact pay for individual associates include: experience, skills, knowledge, contribution, job location and, most importantly, performance in the job role. As these factors vary by individuals, pay will also vary among individual associates within the same job.Job Range Target:Minimum:
$127,530.40 USDMedian:
$162,680.00 USDIncentive Pay Plans:Opportunity to participate in the Long Term Incentive Plan.Benefits InformationRegions offers a benefits package that is flexible, comprehensive and recognizes that "one size does not fit all" for benefits-eligible associates. Listed below is a synopsis of the benefits offered by Regions for informational purposes, which is not intended to be a complete summary of plan terms and conditions.Paid Vacation/Sick Time401K with Company MatchMedical, Dental and Vision BenefitsDisability BenefitsHealth Savings AccountFlexible Spending AccountLife InsuranceParental LeaveEmployee Assistance ProgramAssociate Volunteer ProgramPlease note, benefits and plans may be changed, amended, or terminated with respect to all or any class of associate at any time.Location Details
Atlanta MidtownLocation:
Atlanta, GeorgiaBring Your Whole Self to WorkWe have a passion for creating an inclusive environment that promotes and values the differences that make each of us stand out as unique individuals and help provide valuable perspective that makes us a better company and employer.OFCCP Disclosure: Equal Opportunity Employer/Disabled/VeteransJob applications at Regions are accepted electronically through our career site for a minimum of five business days from the date of posting.
#J-18808-Ljbffr
At Regions, the Identity and Access Management (IAM) Engineer is responsible for working cross-functionally across the organization with business and IT partners, as well as external service partners to deliver the Identity Governance and Administration (IGA) capabilities across Regions. This role includes role-based access controls (RBAC), attribute-based access controls (ABAC), access review/certification, automated provisioning and de-provisioning, and access requests.Primary ResponsibilitiesDesigns, develops, tests, implements, and integrates Identity and Access Management (IAM) systems and solutionsEnsures that solutions protect information resources against unauthorized use, inappropriate degrees of access, disclosure, damage and/or lossAnalyzes and maintains data to ensure projects deliver on timeEnsures the maintenance, patching, operating, and monitoring of IAM systemsSupports and resolves system incidents, problems and changesDesigns and implements reusable strategies, decisions, service components, libraries and frameworks to support enterprise-level IAM servicesOnboards new applications and creates custom workflows, rules, and reports based on business requirementsCreates and analyzes documentation of process, guidelines, standards, technical specifications, as well as drawing network & system architecture diagramsLeverages bash scripting to maintain the night processing scriptMeets and encourages project teams to communicate project status, development issues/roadblocks, and requirements feasibilityThis position is exempt from timekeeping requirements under the Fair Labor Standards Act and is not eligible for overtime pay.RequirementsBachelor's degree and six (6) years of experience in a related fieldPreferencesAdvanced understanding of UNIX security, as it relates to user access and provisioningExperience with Agile methodology and SDLC concepts/tools (Git, Atlassian stack)Experience with Linux/Unix, Windows, scripting (with programming languages such as Bash, PowerShell, or Perl), SQL, LDAP, and web servicesExperience with one or more programming languages such as Java, C#, C/C++, Python, or JavaScriptExperience with role-based access controls and configuring automated provisioning and deprovisioningExperience with SailPoint (version 7.0 or later) or another IGA/IAM platformRecognized security industry certifications (CISSP, CIAM, etc.)Technical experience in systems integration or software engineering of identity and access management (IAM) solutions (such as BeyondTrust, CyberArk, AWS, Duo, OIM, Ping Identity, RadiantLogic, SailPoint, Okta, Active Directory, RACF)Skills and CompetenciesDemonstrated ability to multi-task, to be self-initiated, and work independentlyExcellent customer service and interpersonal skillsExcellent time management skillsExcellent organizational, research, analytical and/or problem-solving skills to evaluate situations, make recommendations, and take effective actionKnowledge and skill in technical problem resolutionStrong attention to detail and outstanding analytical skillsStrong written and verbal communication skillsStrong Hashicorp Vault experience is a must
Installing and configuring VaultManaging Vault Server clustersManaging access in Vault (auth methods, policies, MFA, etc.)Managing Secrets in VaultManaging Secrets EnginesIntegrating Vault in CI/CD PipelinesExperience with scripting (bash, Python, HCL)
Experience with GitHubExperience with AWS and Azure cloud services, such as:
AWS Application Load BalancerAWS EC2AWS Key Management ServiceAWS Secrets ManagerAWS Certificate ManagerAWS S3Azure Storage AccountsAzure Log Analytics WorkspacesAzure Application Gateway and/or Load BalancerAzure Bastion service/AWS SSMAzure Key VaultAzure VM Scale Sets/Virtual MachinesAzure Managed DisksAzure Disk Encryption Sets
Experience using Terraform providers for AWS, Azure, and HashiCorp VaultFamiliarity with WizExperience with remediating vulnerabilities in AWS, Azure and on-prem environmentsWorking knowledge of Red Hat and Amazon LinuxThis position must be within a reasonable driving distance to a Branch, Consumer Operations, or Professional Office Building with the primary location being Birmingham, AL, Nashville, TN, Atlanta, GA or Charlotte, NC. Regions will not provide relocation assistance for this position, and relocation would be at your expense. Exceptions to the geographic location requirement may be made for current Regions associates who work remotely.Position TypeFull timeCompensation DetailsPay ranges are job specific and are provided as a point-of-market reference for compensation decisions. Other factors which directly impact pay for individual associates include: experience, skills, knowledge, contribution, job location and, most importantly, performance in the job role. As these factors vary by individuals, pay will also vary among individual associates within the same job.Job Range Target:Minimum:
$127,530.40 USDMedian:
$162,680.00 USDIncentive Pay Plans:Opportunity to participate in the Long Term Incentive Plan.Benefits InformationRegions offers a benefits package that is flexible, comprehensive and recognizes that "one size does not fit all" for benefits-eligible associates. Listed below is a synopsis of the benefits offered by Regions for informational purposes, which is not intended to be a complete summary of plan terms and conditions.Paid Vacation/Sick Time401K with Company MatchMedical, Dental and Vision BenefitsDisability BenefitsHealth Savings AccountFlexible Spending AccountLife InsuranceParental LeaveEmployee Assistance ProgramAssociate Volunteer ProgramPlease note, benefits and plans may be changed, amended, or terminated with respect to all or any class of associate at any time.Location Details
Atlanta MidtownLocation:
Atlanta, GeorgiaBring Your Whole Self to WorkWe have a passion for creating an inclusive environment that promotes and values the differences that make each of us stand out as unique individuals and help provide valuable perspective that makes us a better company and employer.OFCCP Disclosure: Equal Opportunity Employer/Disabled/VeteransJob applications at Regions are accepted electronically through our career site for a minimum of five business days from the date of posting.
#J-18808-Ljbffr