Senior Identity Access Management (IAM) Engineer - Identity Governance

About Analog Devices

Analog Devices, Inc. (NASDAQ: ) is a global semiconductor leader that bridges the physical and digital worlds to enable breakthroughs at the Intelligent Edge. ADI combines analog, digital, and software technologies into solutions that help drive advancements in digitized factories, mobility, and digital healthcare, combat climate change, and reliably connect humans and the world. With revenue of more than $9 billion in FY24 and approximately 24,000 people globally, ADI ensures today's innovators stay Ahead of What's Possible(TM).

Position Summary

This position will be a part of the Cyber Security team and requires a strong background in both cybersecurity as well as foundational identity management technology and architecture. The Cybersecurity Sr. Analyst (Identity Governance) will lead and support Identity Governance initiatives, including but not limited to, supporting the ongoing continuous Operational Maturity of our Identity Access Management and Identity Governance Programs. This includes but is not limited to implementation of an IGA platform, (PAM) Privileged Access Management, establishing RBAC and enforcing SOD (Separation of duties) as well as least privileged policies, optimization and standardization of MFA across the environment and continue our maturity towards password-less authentication, and Identity Centric ZTNA.

This role is a senior-level contributor that will directly lead governance program activities and will be able to influence the maturity and adoption of strong identity security practices across ADI. This role will directly support the Delinea PAM platform architecture and configuration, particularly the migration to Delinea’s SAAS platform to ensure Privileged Roles are managed to ADI’s Policy and Standards, as well as ensure compliance to our regulatory obligations (SOX, CMMC, TISAX, HIPAA etc). In addition - This role will also be focused on the integration and alignment of identity governance into the engineering and manufacturing environments and supporting our strategy for ZTNA enablement which heavily leverages strict identity verification mechanisms.

Key Responsibilities

• Identity Governance:
• Design automations/workflows and manage identity governance and assurance (IGA) controls and platforms to support user provisioning, deprovisioning, access requests and UARs/access recertifications. Implementing automation for these processes, streamlining the end user experience and internal IT provisioning/entitlement processes, utilizing AI for further efficiency wherever possible.
• Design, manage and mature role-based access control (RBAC) to enforce least privilege access with each user and devices grant access only to the specific applications or data necessary for their roles, limiting potential exposure and minimizing the risk of data breaches or unauthorized access.
• Develop, validate, and maintain detailed documentation on standard operating procedures, system configurations, and technical settings for IGA team technologies and processes.
• Investigate and respond to identity-related incidents, violations and anomalous access behavior identified in IGA monitoring and reporting systems.
• Continuously monitor data access activity, identify potential security risks, and maintain a clear audit trail of data access events.
• Working with IT, HR and other business partners develop, refine, automate and streamline identity lifecycle processes (joiner/mover/leaver provisioning, de-provisioning), and establish birthright entitlement structures and mature identity verification processes.
• Collaborate across compliance, and IT teams to align Identity Governance to ADI’s regulatory requirements (e.g., SOX, CMM, TISAX, HIPAA).
• Promote adherence to Information Security Policies and participate in the ongoing updates to Policies as needed for alignment with IDAM technology roadmaps and capabilities and/or to address Information Security risks.
• Monitor and remediate orphan accounts, access violations, and segregation of duties (SoD) conflicts.
• Troubleshoot identity-related issues and provide Tier 3 support for Cyber Identity-related incidents.
• Automate workflows using PowerShell, Python, or similar scripting languages.
• Participate in ongoing auditing and risk assessments, and implementation of audit recommendations.
• UARS- User Access Certifications:
• Working with Cyber Identity Governance team members to directly manage all aspects of the User Access Review (UAR) process for the enterprise-supported access program including regulatory environments/applications. This includes planning and executing quarterly UARs for all systems participating in this program and continuing to mature the automation around these processes.
• Ensure all evidence of authorization is documented and archived according to internal standards.
• Identifying and engaging with participating system partners across the company to ensure readiness and engagement for regular UARs.
• Producing and maintaining data reporting, analysis, dashboards and scorecards in support of overall UAR health, execution, and closure.
• Collaborating with IT IAM leads as well as IT business managers to understand new business requirements, and to collaboratively design solutions that align with enterprise Policy & standards and industry best practices for identity security.
• Privilege Access Management:
• Directly support the Delinea PAM platform architecture and configuration, successful migration to Delinea’s SAAS platform, and support for on-prem instances in our regulated Enclaves.
• Ensure Privileged Roles are managed to ADI’s Policy and Standards, as well as ensure compliance with our regulatory obligations (SOX, CMMC, TISAX, HIPAA etc.).
• Continue to support and refine technical PAM solutioning that aligns to enterprise architecture strategies, current state environment, support of various business use cases and proactively defend against evolving security risks.
• Develop, validate, and maintain detailed documentation on standard operating procedures, system configurations, and technical settings for internal team use, end user support, and other business teams as needed.

Stay current with emerging IAM, PAM and IGA technologies, industry security best practices and regulatory compliance changes which would introduce new identity specific control requirements.

Required Qualifications

• Bachelor’s degree in Cybersecurity, Computer Science, or related field.
• Minimum 7- 9 years of experience, 10+ preferred, within IT, IAM or Cyber Security, with hands-on experience in Identity and Access Management or related security roles.
• Minimum of 5 years working with common industry IGA solutions, (e.g., SailPoint, Saviynt) including application onboarding, development and configurations of identity workflows and automations.
• Understanding of Privileged Access Management (PAM) and Identity Management/IAM Governance principles.
• Knowledge of Active Directory, Microsoft Entra, LDAP, Redhat Identity solutions and SSO including deployment, administration, and troubleshooting.
• Hands-on experience with IGA tools (e.g., SailPoint, Saviynt).
• Hands-on experience with Privileged Access Management Solutions (particularly Delinea). This includes deployment, integrations, Engineering, and adoption strategies of PAM for large scale enterprises, including secrets key management on multi cloud environments (AWS / Azure), Dev Ops and Orchestration platforms.
• Strong understanding of identity lifecycle, RBAC, policy-based access controls.
• Strong understanding of Active Directory, Azure AD/Entra, Group Policy and cloud identity models.