Senior Cybersecurity Workforce Identity Engineer

Cox Automotive is seeking a talented and experienced Senior Cybersecurity Workforce Identity Engineer to join our Identity and Access Management (IAM) team. In this role, you will be responsible for designing, developing, and maintaining identity management and authentication solutions, including Single Sign-On (SSO) and Multi-Factor Authentication (MFA). You will play a critical role in building secure, scalable access systems that enhance user experience while ensuring compliance with security standards and regulatory requirements.

Key success factors include:

• A deep understanding of IAM technologies, principles, and best practices is essential. This includes familiarity with various IAM solutions, identity management techniques, and secrets management.
• Hands-on experience within a workforce and customer authentication environment
• A deep understanding of authentication architecture and design

• Design and oversee authentication and SSO solutions across enterprise and applications and platforms.
• Oversee integrations of identity providers (IdPs) such as Okta, Azure AD, Ping Identity with internal and third-party applications.
• Develop and oversee secure authentication mechanisms using protocols such as SAML, OAuth 2.0, OpenID Connect, and Kerberos.
• Collaborate with application owners and developers to enable SSO and federated identity integrations.
• Implement and enforce multi-factor authentication (MFA) policies and technologies.
• Troubleshoot and resolve authentication and access-related incidents.
• Document architecture, configurations, and procedures related to authentication and access systems.
• Stay current with emerging authentication technologies, threats, and best practices.

• Bachelor's degree in a related discipline and 4 years' experience in a related field. The right candidate could also have a different combination, such as a master's degree and 2 years' experience; a Ph.D. and up to 1 year of experience; or 16 years' experience in a related field
• Must have experience in designing, implementing, and maintaining authentication solutions, ensuring the security of workforce and CIAM personnel
• Clearly articulate the objective of specific cybersecurity policies and procedures to technical and non-technical stakeholders.
• Excellent customer service skills, writing, and executive presentation skills.
• Ability to develop a strong and productive working environment with key stakeholders and collaborate closely with other Cox entities' cybersecurity teams to implement cybersecurity best practices.
• Consultative nature to work through controversial or complex topics to employees, leaders, and/or senior leadership.
• Ability to evaluate risks and make recommendations based on impact and likelihood of the risk to the business.

• Deep understanding of IAM concepts: authentication, authorization, SSO, MFA, RBAC, ABAC.
• Experience with IAM platforms such as Okta, Ping Identity, Azure AD, or SailPoint.
• Proficiency in modern authentication protocols such as, SAML 2.0, OAuth 2.0, OIDC, Kerberos, Radius
• Experience implementing Single Sign-On (SSO) and federated identity solutions.
• Knowledge of identity federation standards and cross-domain authentication.
• Implementation and management of MFA solutions (e.g., Duo, Microsoft Authenticator, YubiKey, Google Authenticator).
• Experience with passwordless authentication (e.g., FIDO2, Windows Hello for Business).
• Knowledge of cybersecurity frameworks (e.g., ISO 27000, NIST, FFIEC) and industry relevant regulations that will guide architectural requirements (e.g., GDPR, FFIEC, GLBA)
• Familiarity with identity and access management (IAM) systems and protocols

• Developing connectors for aggregation and user provisioning along with understanding System for Cross-domain Identity Management (SCIM) in detail.
• Deep understanding of federating authentication and how the protocols are implemented.
• Deploying identity controls and building conditional access policies in Entra ID.
• Knowledge of current cybersecurity and technology architectures such as zero trust.
• AWS Well-Architected Framework.

• Automotive industry experience.
• Big four consulting or Fortune 500 company experience.
• Relevant industry certification (e.g., CISSP, CEH, OSCP, Azure, AWS, CISM, CISA).