Lead CIAM Engineer

Job Family IT - General About Us At Transamerica, hard work, innovative thinking, and personal accountability are qualities we honor and reward. We understand the potential of leveraging the talents of a diverse workforce. We embrace an environment where employees enjoy a balance between their careers, families, communities, and personal interests. Ultimately, we appreciate the uniqueness of a company where talented professionals work collaboratively in a positive environment — one focused on helping people look forward and plan for the best life possible while providing tools and solutions that make it easier to get there. Who We Are We believe everyone deserves to live their best life. More than a century ago, we were among the first financial services companies in America to serve everyday people from all walks of life. Today, we’re part of an international holding company, with millions of customers and thousands of employees worldwide. Our insurance, retirement, and investment solutions help people make the most of what’s important to them. We’re empowered by a vast agent network covering North America, with diversity to match. Together with our nonprofit research institute and foundation, we tune in, step up, and are a force for good — for our customers and the communities where we live, work, and play. United in our purpose, we help people create the financial freedom to live life on their terms. What We Do Transamerica is organized into three distinct businesses. These include 1) World Financial Group, including Transamerica Financial Advisors, 2) Protection Solutions and Savings & Investments, comprised of life insurance, annuities, employee benefits, retirement plans, and Transamerica Investment Solutions, and 3) Financial Assets, which includes legacy blocks of long-term care, universal life, and variable and fixed annuities. These are supported by Transamerica Corporate, which includes Finance, People and Places, General Counsel, Risk, Internal Audit, Strategy and Development, and Corporate Affairs, which covers Communications, Brand, and Government and Policy Affairs. Transamerica employs nearly 7,000 people. It’s part of Aegon, an integrated, diversified, international financial services group serving approximately 23.9 million customers worldwide.* For more information, visit transamerica.com. Job Description Summary The Lead CIAM Engineer will be responsible for consulting with various groups to plan, architect, and implement standards-based solutions in the areas of general identity management, directory, and security. Provides administrative support for several infrastructures related to web applications, identity management, and the components surrounding these technologies, specifically IBM Security Access Manager and Okta. These include areas such as SharePoint, WebSphere, IIS, Tomcat, Apache, EpiServer, Proxy Internet Access, Oracle Access Manager, CMS Systems, Federation Services, Monitoring, and F5 Content Switches. Also has responsibilities for Internet security, integration of third-party applications, domain name/SSL certificate administration, and documentation. Job Description Responsibilities Direct responsibilities on the operational team for developing and maintaining integrated strategies and solutions, with a focus on Web Access Management services for the Global Aegon environment. Web Access Management services include the following core technologies: Okta, Ping, IBM ISAM, and Federation Services. Identify opportunities for using Web Access Management to leverage single sign-on security with an emphasis on cost containment/reduction strategies. Provide effective project management and feasibility analysis on potential future projects. Support and provide guidance on Web Access Management Systems applications and integrations. Provide documentation highlighting integration, design, and SSO features of solutions. Provide technical leadership, guidance, and architectural planning for internal/external customer engagements. Assist in automation and building repeatable patterns for consumption. Perform day-to-day operations to maintain SLAs and business functions. Runs small to large enterprise infrastructure projects from requirements gathering to post-implementation. Optimizes the performance and availability of the Web Services environment through monitoring, patching, software tools, and process improvements. Complies with information security policies. Solid knowledge of project management methodologies; able to manage project phases or less complex projects. Provide documentation highlighting integration, design, and features of solutions. Qualifications Knowledge and experience in working with IBM Security Access Manager and Okta Auth0. Experience delivering technology solutions at an enterprise level. Excellent diagnostic and troubleshooting skills, and the ability to excel under pressure. Developed written and verbal skills, assignment and priority flexibility, and time management skills. Understanding of DNS, TCP/IP addressing, and networking (Internet, routers, switches). Knowledge of Web Services, Web and Application Services, Java and .NET technologies, and cloud services. Background in scripting, code development such as PowerShell, Ansible, Java, and Terraform. Ability to work in teams on small to large projects. Excellent understanding of cloud and on-prem based infrastructure solutions and their Access Management needs. Ability to quickly learn and apply new concepts. Ability to drive and achieve consensus/support from large diverse groups. Strong written and verbal communication skills enabling effective articulation of strategy. Able to understand how concepts apply to design or architectural efforts. Enterprise network security technologies including firewalls, IDS, IPS, NAC, WAF, and Web Proxies. Working knowledge of Certificate/CA/PKI infrastructure. Possesses and applies broad knowledge of concepts and principles or exhibits technical expertise related to server infrastructure and web-based application support. A four-year computer science or related technical degree or minimum of five years of solid related work experience. Breadth of knowledge across many technology disciplines; including various access management solutions. Eight or more years of progressive related IT experience. Preferred Qualifications Heavy experience in federation using SAML 2.0, Open ID Connect, REST, OAuth standards. Firm understanding of SDS and experience with managing HA replicas. Managing environments with 500K–1MM external users. Understanding of SAML and SSO federated identities. Experience with installing, upgrading, and configuring ISAM/Security Access Manager/WebSEAL version 7.x, ISAM 9-10, and Okta Auth0. Access Management: Web security, Authentication, Authorization, Kerberos, Session Management, Web Proxy, Risk-Based Access. Understanding of microservices-based architecture, API-based system integration, and Amazon Web Services cloud Identity & Access. Understanding of working in a hybrid cloud environment and working knowledge of AWS Cloud Principles. Knowledge in scripting, code development such as PowerShell, Ansible, Java, .NET, etc., and automating developments by code. Ability to work in teams on small to large projects. Excellent understanding of cloud and on-prem based infrastructure solutions and their Access Management needs. Understanding of microservices-based architecture, API-based system integration, and Amazon Web Services cloud Identity & Access. A four-year computer science or related technical degree or equivalent experience. Hands-on experience mentoring small to medium teams. Ability to convert complex information into simple, explainable solutions. Possesses a planning orientation with integrative and strategic thinking skills. Demonstrated project management and client relationship skills. Good understanding of a zero trust network environment. Working Conditions Hybrid-Office Environment.