IT Identity Engineer III

Company: World Kinect
Location: Miami, FL, USA
Salary: Not Provided
Type: Full-Time
Degrees
Experience Level: Senior, Expert or higher

Requirements

  • Proven experience as a Senior Active Directory/Entra ID Engineer or similar role with a minimum of 8 years of experience.
  • Advanced knowledge of Active Directory, Azure Active Directory/Entra ID, Lightweight Directory Access Protocol (LDAP), and Active Directory Federation Services (ADFS).
  • Familiarity with PIM, PAM, and IGA concepts.
  • Experience with endpoint privilege management, AWS IAM, Azure AD, and Linux integration.
  • Relevant Microsoft certifications such as Microsoft Certified: Identity and Access Administrator Associate, Microsoft Certified: Azure Security Engineer Associate, or other industry certifications (e.g., CISSP, CISM, CompTIA Security+).

Responsibilities

  • Leverage Microsoft Entra ID integrations with AWS Identity and Access Management (IAM) solutions for secure cloud identity, role, and permissions management.
  • Integrate IAM policies and roles with AWS services and Azure resources.
  • Manage identities, roles and permissions across multiple large and micro-sized AWS accounts.
  • Develop identity monitoring processes and ensure the SOC, Incident Response, and Identity Operations teams have visibility and response capabilities within both infrastructure platforms.
  • Analyze, design, implement, and support the hybrid on-premises and cloud Active Directory environment.
  • Collaborate with business and technical partners to integrate systems and applications with centralized authentication using AD.
  • Implement security baselines and recommended best practices for AD.
  • Develop and maintain integrations between Entra ID and Linux-based systems ensuring seamless authentication and authorization for Linux users.
  • Provide subject matter expertise on Azure AD and Entra ID.
  • Support and maintain Azure AD Federation Services (ADFS) environments and Entra ID Enterprise Applications.
  • Collaborate closely with global cross-functional teams to ensure stability and security.
  • Support synchronization and federation between on-premises AD, Azure AD, and Entra ID.
  • Troubleshoot and optimize synchronization processes to maintain consistency across environments.
  • Implement time-based and approval-based role activation to mitigate risks associated with privileged accounts.
  • Administer PAM platforms, including Centrify, CyberArk, and Quest Active Roles Server.
  • Design and implement controls for managing privileged access on endpoints (Windows, macOS, Linux).
  • Collaborate with system administrators and security teams to enforce least privilege principles.
  • Implement and manage role-based access control (RBAC) for various systems and applications.
  • Define and enforce group-based access policies to elevate privileges when necessary.
  • Contribute during phases of design, configuration, deployments, and operations in the area of IAM.
  • Work on access management, identity governance, and identity management solutions.
  • Develop and maintain scripts or workflows to automate user and device provisioning and deprovisioning.
  • Streamline the onboarding and offboarding processes to enhance efficiency and security.
  • Collaborate with application owners to certify and manage access to critical applications.
  • Ensure secure handling of application secrets (API keys, passwords, etc.) throughout their lifecycle.

Preferred Qualifications

    No preferred qualifications provided.