IDAM Senior Engineer

AVEVA is creating software trusted by over 90% of leading industrial companies.

Location: Cambridge | UK

Employment type: Full-time regular

Benefits: Competitive package with an attractive bonus incentive plan, regionally specific benefits ranging from above the norm paid vacation, contributions to retirement investment plans or pensions, insurances and many other memberships and perks designed to enhance the workplace experience, your health, and wellbeing.

The job involves looking for an Identity and Access Management (IDAM) focused Senior Engineer with a strong background in engineering hybrid Windows platforms to join our growing team. The AVEVA IT team is dedicated to securing access to AVEVA's platforms. The Senior IDAM Engineer will be responsible for designing, delivering and maintaining modern and legacy infrastructure required to support a rapidly growing software company. You will play a crucial role in furthering the security posture of the organization through a combination of technical hands-on work and collaboration with cross-functional engineers to drive transformational security projects.

• Design, develop, test, implement, and integrate Messaging and Identity and Access Management (IAM) systems and solutions.
• Ensure that solutions protect information resources against unauthorized use, inappropriate degrees of access, disclosure, damage and/or loss.
• Act as a technical security resource providing expertise regarding EntraID, M365, Azure tooling, and security best practices.
• Identify, analyze and resolve system design weaknesses.
• Troubleshoot and manage the resolution of issues relating to identities, systems, access, accounts, authentication, authorization, entitlements, and permissions.
• Determine and recommend the most appropriate response to identified more complex problems, issues and/or defects by assessing impact and prioritization.
• Design reusable strategies, decisions, service components, libraries, and frameworks to support enterprise-level IAM services.
• Plan and deploy IAM turnkey solutions including onboarding of client applications.
• Provide level 2 and level 3 support and coordinate as needed with the technology vendors.
• Develop and adhere to guidelines/processes for deploying, monitoring, maintaining, and documenting essential infrastructure services.
• Manage critical incidents, requests, incidents, and problems to resolution.
• Work in concert with security teams to harden infrastructure systems and monitor for malware and unauthorized access.
• Mentor other IT engineers and share knowledge to foster an environment of learning and support.

• A solid foundation in Microsoft security policies and configurations spanning Microsoft cloud services (SaaS/PaaS), IAM, and Privilege Access Management domains.
• A strong understanding of industry-standard SSO technologies and authentication methods (OpenID Connect, SAML, OAuth, Kerberos, LDAP, etc.).
• Production-level experience designing, implementing, and supporting Microsoft security infrastructure.
• An eagerness to produce scalable and repeatable security practices through automation.
• Thorough knowledge and/or a proven record of success in Continuous integration, development and testing practices and dabble in DevOps tools and standards.
• Expertise in the set of OneIdentity suite of products and familiarity with the typical systems they are integrated with.
• Experience debugging, troubleshooting, and remediating secure design issues.
• Demonstrated experience managing and securing Azure resources using code-driven methods.
• A broad knowledge and understanding of the cyber security threat landscape.
• Significant and proven experience of dealing with IDAM systems incidents and associated response measures.
• Excellent written and oral communication skills in English.

• At least 5 years of professional experience in the IAM field focused roles on delivering security on cloud native, distributed architectural solutions in complex environments.
• Familiarity with predominant public cloud providers (Azure, AWS, GCP).
• Understanding of IAM Industry trends in cloud technologies for public, private and hybrid cloud deployments.
• Bachelor's degree in computer science, Engineering, Mathematics, related field; or equivalent combination of education/professional experience in a similar role.
• One or more technical security certifications is a plus: CCSP – Certified Cloud Security Professional, CISSP – Certified Information Systems Security Professional.

• Strong ability to communicate with both technical and non-technical team members.
• Customer focused mindset and is capable of flexing and delivering security solutions to meet the business needs while achieving high security standards.
• Growth mindset, passionate to learn and use new/emerging technologies.
• Must work well independently and with others as part of a larger team and be able to collaborate on cross-functional teams.

About AVEVA: AVEVA is a global leader in industrial software. Our cutting-edge solutions are used by thousands of enterprises. Nine out of ten industrial leaders count on AVEVA software to help them deliver the essentials of life, such as energy, water, food, and medicine - safely, efficiently, and sustainably.

Our impact on the sustainability of the industrial sector has led to us being named one of the world’s most innovative companies, and our own sustainability commitments lead the global software industry. At AVEVA, you’ll be part of a team that has not only won hundreds of patents, but also awards for our diversity, equity, and inclusion programs.

AVEVA is an Equal Opportunity Employer, and we take immense pride in the diversity of our people. We are driven by our corporate values of Impact, Aspiration, Curiosity, and Trust, and you’ll even get three days to help save the world, every year, in the form of paid volunteer time to work on causes that matter to you.

UK Benefits include: Flexible benefits fund, emergency leave days, adoption leave, 28 days annual leave (plus bank holidays), pension, life cover, private medical insurance, parental leave, education assistance program.

It’s possible we’re hiring for this position in multiple countries, in which case the above benefits apply to the primary location. Specific benefits vary by country, but our packages are similarly comprehensive.

Hiring process: Interested? Great! Get started by submitting your cover letter and CV through our application portal. AVEVA is committed to recruiting and retaining people with disabilities. Please let us know in advance if you need reasonable support during your application process.

AVEVA requires all successful applicants to undergo and pass a drug screening and comprehensive background check before they start employment. Background checks will be conducted in accordance with local laws and may, subject to those laws, include proof of educational attainment, employment history verification, proof of work authorization, criminal records, identity verification, credit check. Certain positions dealing with sensitive and/or third-party personal data may involve additional background check criteria.

AVEVA is an Equal Opportunity Employer. We are committed to being an exemplary employer with an inclusive culture, developing a workplace environment where all our employees are treated with dignity and respect. We value diversity and the expertise that people from different backgrounds bring to our business. AVEVA provides reasonable accommodation to applicants with disabilities where appropriate. If you need reasonable accommodation for any part of the application and hiring process, please notify your recruiter. Determinations on requests for reasonable accommodation will be made on a case-by-case basis.