Sony Pictures Entertainment, Inc
IAM Operations Lead
Sony Pictures Entertainment, Inc, Culver City, California, United States, 90232
Sony Pictures Entertainment (SPE) is looking for an IAM Operations Lead to support our enterprise Identity management program (IDM) in our Culver City, CA headquarters. Within IT, the position reports to the Executive Director, Corporate IT and will be accountable for all technology aspects of software service management so that the product meets business and technology requirements and is delivered on-time/on-budget.The position is focused on Identity Governance and Compliance using SailPoint IIQ, and knowledge of LDAP directories. The individual must have at least 5+ years of experience with SailPoint, OKTA or other IAM technologies. This role will be responsible for supporting daily operations as well as contribute to long term strategy/architecture. The addition of this role will complement SPE’s relationship with its managed services vendor, resolve an imbalance with regard to the dependency/risk of technical ownership, and focus on delivering value in three areas:Improving the management of incident queues and accountability of managed services supportEnsuring that escalations are immediately handled without compromising incident SLAs or our enhancement streamEnable internal discovery for both code and process improvements related to data and solution footprintResponsibilities:Incidents:
Supporting all L3 Service Now INCs and requests. Service Now INCs represent the predictable and essential workload of the Operations stream, and includes but is not limited to the following request types:
Queue ManagementBulk UpdatesPAM Account SupportUser Account Repair/Correction
Access Certifications:
Staging, launching, managing, and performing all close-out activities (SOX and non-SOX) associated with access certification campaigns.Production Debug:
Debugging production issues pertaining to the operational current-state. This includes but is not limited to, troubleshooting defects for root cause analysis, discovery of design flaws, missed requirements, and coding defects.Recurring System Maintenance:
Performing actions specific to recurring system maintenance, including but not limited to:
Performance check for IDM SystemsVerify file-based authoritative sourcesWorkday scan monitoringMonthly custom reports (e.g. Blackbaud CSRConnect/YourCause, EINS/Swing/GHD Monthly Update Process)
Password Rotations:
Ensuring all IDM systems and IDM service account passwords are rotated and in compliance with the appropriate password policy.Ad Hoc Requests:
Responding to ad-hoc demands generated via escalation from stakeholders.Key outputs include:Documenting SLA, KPI and other technical KT documentsProject/task deliveryProblem Management & Root cause analysisContribute to assessment reports / position and recommendation documents on technology evaluationsEnterprise Standards documentation; usage guidelines; reference architecturesQualifications:5+ years of experience in architecting, designing, and implementing identity management strategies and solutions with at least 5 years of experience with SailPoint IIQ in the following areas:User life cycle management processes (on-premise and cloud), RBAC, certificationsIntegration of IGA tools with ServiceNow, Workday, physical access systems, O365, CyberArkStrong experience with developing and troubleshooting web services especially REST and SCIMFamiliarity with agile methodology. We use Jira for sprint planning and issue trackingAbility to look at both the “big picture” as well as technical details.Experience leading business requirements gathering, and solution designExperience with Access management, SSO, & federation tools like SiteMinder, Ping Access, ForgerockSome experience with LDAP directory architecture including directory schema, namespace and replication topology and virtual directory products such as OpenLDAP, ODSEE, Radiant LogicIDaaS tools such as Okta, Ping, AzureExperience with AD, Azure AD, O365, ADFS and its integration with IGA toolsSome experience with modern protocols and frameworks such as SAML, WS-federation, OIDC, OAUTH, and JWTFamiliarity with RPA/BOTS in the context of Identity self-service processesFamiliarity with on-premise and cloud PAM tools such as CyberArk, BeyondTrust, etc.Familiarity with public and private cloud services integration with IGA toolsFamiliarity with MFASome experience with JBOSS, Tomcat, WebLogic, Apache, NginxSome experience with common relational databases and NoSQL/document databasesSome experience with CI/CD/DevOps tools such as Jenkins and source control such as Git and Nexus. Other automation/DevOps/CI/CD experience is desirable but not required.Skills:Excellent team player with a positive attitude.Must be able to collaborate cross-functionally and globally with team members, both internal and external to Sony Pictures EntertainmentStrong customer service orientation, personal commitment and accountability to deliver a best-in-class quality of serviceExperience in managing service partners focused on delivery of business valueStrong written and verbal communication skillsBe flexible to adapt to business changes during digital transformation efforts at SPESome experience in resource and project managementMust be able to multitask and manage the time between operational and architecture tasks
#J-18808-Ljbffr
Supporting all L3 Service Now INCs and requests. Service Now INCs represent the predictable and essential workload of the Operations stream, and includes but is not limited to the following request types:
Queue ManagementBulk UpdatesPAM Account SupportUser Account Repair/Correction
Access Certifications:
Staging, launching, managing, and performing all close-out activities (SOX and non-SOX) associated with access certification campaigns.Production Debug:
Debugging production issues pertaining to the operational current-state. This includes but is not limited to, troubleshooting defects for root cause analysis, discovery of design flaws, missed requirements, and coding defects.Recurring System Maintenance:
Performing actions specific to recurring system maintenance, including but not limited to:
Performance check for IDM SystemsVerify file-based authoritative sourcesWorkday scan monitoringMonthly custom reports (e.g. Blackbaud CSRConnect/YourCause, EINS/Swing/GHD Monthly Update Process)
Password Rotations:
Ensuring all IDM systems and IDM service account passwords are rotated and in compliance with the appropriate password policy.Ad Hoc Requests:
Responding to ad-hoc demands generated via escalation from stakeholders.Key outputs include:Documenting SLA, KPI and other technical KT documentsProject/task deliveryProblem Management & Root cause analysisContribute to assessment reports / position and recommendation documents on technology evaluationsEnterprise Standards documentation; usage guidelines; reference architecturesQualifications:5+ years of experience in architecting, designing, and implementing identity management strategies and solutions with at least 5 years of experience with SailPoint IIQ in the following areas:User life cycle management processes (on-premise and cloud), RBAC, certificationsIntegration of IGA tools with ServiceNow, Workday, physical access systems, O365, CyberArkStrong experience with developing and troubleshooting web services especially REST and SCIMFamiliarity with agile methodology. We use Jira for sprint planning and issue trackingAbility to look at both the “big picture” as well as technical details.Experience leading business requirements gathering, and solution designExperience with Access management, SSO, & federation tools like SiteMinder, Ping Access, ForgerockSome experience with LDAP directory architecture including directory schema, namespace and replication topology and virtual directory products such as OpenLDAP, ODSEE, Radiant LogicIDaaS tools such as Okta, Ping, AzureExperience with AD, Azure AD, O365, ADFS and its integration with IGA toolsSome experience with modern protocols and frameworks such as SAML, WS-federation, OIDC, OAUTH, and JWTFamiliarity with RPA/BOTS in the context of Identity self-service processesFamiliarity with on-premise and cloud PAM tools such as CyberArk, BeyondTrust, etc.Familiarity with public and private cloud services integration with IGA toolsFamiliarity with MFASome experience with JBOSS, Tomcat, WebLogic, Apache, NginxSome experience with common relational databases and NoSQL/document databasesSome experience with CI/CD/DevOps tools such as Jenkins and source control such as Git and Nexus. Other automation/DevOps/CI/CD experience is desirable but not required.Skills:Excellent team player with a positive attitude.Must be able to collaborate cross-functionally and globally with team members, both internal and external to Sony Pictures EntertainmentStrong customer service orientation, personal commitment and accountability to deliver a best-in-class quality of serviceExperience in managing service partners focused on delivery of business valueStrong written and verbal communication skillsBe flexible to adapt to business changes during digital transformation efforts at SPESome experience in resource and project managementMust be able to multitask and manage the time between operational and architecture tasks
#J-18808-Ljbffr