Sr. IAM Engineer
New York Life Insurance Company ("New York Life" or "the company") is the largest mutual life insurance company in the United States*. Founded in 1845, New York Life is headquartered in New York City, maintains offices in all fifty states, and owns Seguros Monterrey New York Life in Mexico.
New York Life is one of the most financially strong and highly capitalized insurers in the business. The company reported 2016 operating earnings of $1.954 billion. Total assets under management at year end 2016, with affiliates, totaled $538 billion. As of year-end 2016, New York Life's surplus was $23.336 billion. New York Life holds the highest possible financial strength ratings currently awarded to any life insurer from all four of the major ratings agencies: A.M. Best, A++; Fitch AAA; Moody's Aaa; Standard & Poor's AA+. (Source: Individual Third Party Ratings Report as of 8/17/16).
Financial strength, integrity and humanity—the values upon which New York Life was founded—have guided the company's decisions and actions for over 170 years.
- Recognized as an expert within the company for Identity & Access Management Services and Platforms
- Influences the strategy to address internal or external business and regulatory issues
- Proactively identifies and solves the most complex problems that impact the management and direction of the business
- Contributes to the development of functional strategy
- May lead multidisciplinary projects, processes or vendor management
- Lead the requirements, design, development, testing and implementation of scalable IAM solutions that meet business requirements, policies, and IS standards.
- Architect and design solutions that integrate with new or existing IAM platforms including provisioning, de-provisioning and integration of applications for authentication
- Working with stakeholders, define and document business requirements and technical design documentation for the development of new connectors and robotics automation for business and technology applications
- Working with stakeholders, define and document new applications within SailPoint Identity IQ for automated and semi-automated provisioning, including related SoD, custom provisioning forms/work items
- Engineer, deploy, and maintain new data subsystems used in Identity Management and Access Management ecosystems, i.e. audit log repository and reporting, IAM Data Analytics capability that spans our multiple warehouses and repositories, ETL plant for effective and efficient data manipulation in and out of Identity Management and Access Management (IAM) context as well as between our own systems, and the seamless migration off and decommission of legacy repositories.
- Define and document requirements for enhanced IAM services such as base account provisioning and password sync (Password interceptor & Desktop Reset)
- Maintain alignment of IAM vision with Information Security objectives and business requirements
- Establish a continual service improvement plan and improve overall IAM service, focusing on operational, process and resource efficiency
- Establish and provide metrics that provide visibility in to performance and efficiency of the IAM effort
- Assist with development and maintain process and control documentation supporting IAM services
- Design, engineer and support a data base to host Identity Management and Access Management (IAM) Reference Data required to support our Identity Management and Access Management business processes. This may be enhancements or an aggregation of existing repositories, EMP and EPR.
- Consults businesses and evaluates functional requirements. Translates these requirements into information security solutions. Provides guidance to business partners about applicability of information security to meet business needs.
- Supports the documentation and accreditation processes necessary to assure that new IT systems meet the organization's information security requirements.
- Responds to crisis or urgent situations to mitigate immediate and potential threats. Investigates and analyzes all relevant response activities.
- Ensures that IS security architecture, designs, plans, controls, processes are aligned with IS strategy and standards.
- Represent Information Security in cross-functional meetings and projects.
- Perform other duties and/or special projects as assigned
Core Technical Requirements:
- 7+ years documenting business and technical requirements, project plans, issues/risks
- 7+ years project management experience using both waterfall and agile methodologies
- 7+ years of experience managing projects through the full system development lifecycle
- 7+ years of experience with developing and maintaining run support procedures, standards and controls, including aggregation review and issue resolution, SoD violation reviews, NPE tracking and follow-up, native control reviews, password masking and encryption best practices
- 7+ years of experience in information technology, with a focus on information security in one or more of the following areas: IAM, cyber threats, security operations, data loss prevention, threat intelligence, security architecture, policy/governance
- 7+ years of architecture experience in a hands-on role
- 7+ years of experience with Active Directory, ODSEE or Ping
- 7+ years of experience with Windows, Linux and Solaris Operating Systems knowledge
- 7+ years of experience with one or more directories such as CA Directory, Oracle Directory, AD, Ping, or IBM Directory Server
- 7+ years of experience with one or more databases such as Oracle, IBM and MS SQL etc.
- 7+ years of experience with: major operating systems such as Microsoft Windows and Unix; mainframe security packages such as TopSecret, ACF2 and RACF; and/or leading packaged application solutions for ERP systems, Active Directory, Exchange, CRM systems or portals
- 5+ years of experience in configuring and administering SailPoint IIQ and Security IQ
- 5+ years of experience with configuring and maintaining SailPoint Identity IIQ, specifically performing role mining, RBAC, access certifications, workgroups, workflows
- 5+ years of experience in deploying SailPoint IIQ and Security IQ, including full development of workflows, provisioning forms, custom forms, base account provisioning, password management, reports, access certifications, out-of-the-box connectors, custom connectors
- 3+ years of experience with federated identity and web services security concepts such as SAML, Liberty ID-FF and ID-WSF, WS-Federation, OpenID, OAuth and WS-Security
- Familiarity of RPA tools and related implementations
- Experience in SOX/MAR documentation and related controls
- Bachelor's degree in Computer Science, Information Systems or equivalent related field preferred, with a minimum of 5 years of experience in Information Technology OR in lieu of the Bachelor's degree, a minimum of 9 years of experience in Information Technology
- Master's degree in Computer Science, Information Systems preferred
- CISSP, J2EE or equivalent a plus
If you have difficulty using or interacting with any portions of this Web site due to incompatibility with an Assistive Technology, if you need the information in an alternative format, or if you have suggestions on how we can make this site more accessible, please contact us at: (212) 576-5811.
- Based on revenue as reported by "Fortune 500, ranked within Industries, Insurance: Life, Health (Mutual)," Fortune Magazine, June 17, 2016. See http://fortune.com/fortune500/ for methodology.
Total surplus, which includes the Asset Valuation Reserve, is one of the key indicators of the company's long-term financial strength and stability and is presented on a consolidated basis of the company.
Operating earnings is the key measure use by management to track Company's profitability from ongoing operations and underlying profitability of the business. This indicator is based on generally accepted accounting principles in the US (GAAP), with certain adjustments Company believes to be appropriate as a measurement approach (non GAAP), primarily the removal of gains or losses on investments and related adjustments.
- Assets under management represent Consolidated Domestic and International insurance Company Statutory assets (cash and invested assets and separate account assets) and third party assets principally managed by New York Life Investment management Holdings LLC, a wholly owned subsidiary of New York Life Insurance Company.
Meet Some of New York Life Technology's Employees
HR Business Partner
As an HR Business Partner to New York Life's Technology Team, Chester is a valued partner who delivers services to support the team's objectives and employees.
Back to top