Identity and Access Management Senior Analyst
Tech at MUFG
MUFG is undertaking a significant transformation initiative that will make us an agile company that is powered by a resilient, flexible technology and data stack. This means investing in talent, technologies, and tools that put our clients' and colleagues' changing needs first.
We are looking for resilient technologists who will help us build the future of banking with a new digitally-led, cloud-first, real-time deposit system. This is a rare opportunity to transition to a modern platform as a member of this high-impact team.
Backed by the strength and stability of the world’s 5th largest financial institution, you'll help build a bank you’ll be excited to call yours.
What makes you successful in your technology career at MUFG?
Check out the top skills we’re looking for and see if you have the right mix.
Our Culture Principles:
- Client Centric
- People Focused
- Listen Up/Speak Up
- Innovate & Simplify
- Own & Execute
As we transform our digital capabilities and enhance the user experience to create integrated digital and mobile banking tools, we are looking for strong technology professionals who have the technical expertise to guide the bank on its journey to a cloud-first, microservice-based, real-time platform.
Dave H., Head of Core Banking Technology Transformation
Benefits & Total Rewards
Numerous choices for medical coverage (HRA, HSA, and PPO), plus comprehensive prescription coverage, dental and vision. We pay most premium costs and contribute to your HSA or HRA annually.
Monthly financial and wellness webinars, on-site healthy living events and one-on-one personal coaching sessions.
Competitive 401(k) employer match contributions with immediate vesting. Cash balance pension, defined benefit plan with 3-year vesting, fully employer-paid.
Education & Training
Tuition reimbursement for most undergraduate, graduate, and job-related courses at regionally accredited institutions. Internal training programs/courses are also available.
Programs and resources to support family wellness, including: maternity/paternity leave, parental bonding, adoption assistance program, dependent care and family medical leave.
Paid Time Off
Vacation, sick leave, time off to volunteer, and federal holidays, as well as salary continuation during periods of qualifying disability.
Identity and Access Management Senior Analyst
- Requisition # 35576
- Job Type Day
- Location Arlington, TEXAS
- Date posted 09/21/2021
Your potential. Your opportunity.
Duties: Performing Implementation, Administration & Operations of IAM Products which includes Centrify Access Manager, CA PAM, CyberArk, Oracle Identity Manager, One Identity & CA control Minder for large-scale enterprises. Performing Microsoft Active Directory administration & UNIX/Linux administration. Installing/configuring/supporting Centrify Access Manager Suite incl. Centrify CAM, Centrify Reports, Centrify agents to enforce strong passwords on UNIX systems & providing centralized authentication against Active Directory & applying existing separation of duties, processes & procedures to the UNIX environments. Creating Centrify OU’s, Zones, Computer Roles, Role Definitions, User roles, Provisioning groups, Role assignments, Command definitions & configuring zone provisioning agent to manage provisioning & de-provisioning of user’s UNIX access using Centrify Access Manager to provide AD bridging solution. Utilizing a working know. of UNIX authentication & authorization management, PAM, NSS & Kerberos. Utilizing Unix experience with Centrify Agent to perform installation and configuration of the agent as well as to troubleshoot Centrify related authentication issues. Working with Access Manager, Password Vault & session Manager, SSO implementation with Centrify integration platforms within the organization; & implementing procedures & policies to address application support. Performing provisioning & de-provisioning Workflows, identity workflows & providing access management, RBAC (Role-Based Access Control), Auth. & Authorization (encryption) technologies. Utilizing admin. exp. using a variety of PAM tools for multiple platforms (Windows/Linux/Unix/Active Directory/Mainframe, etc.); & experience in Service now (SNOW) and HPSM ticketing tool for Incident management integration. Working with PAM products including password vaulting, session management, Credential policy management, Application to application including design & Implementation of automatic failover/failbacks to Disaster Recovery sites. Supporting wide variety of UNIX flavors including Linux/Red-Hat, AIX, Solaris servers in terms of issue troubleshoot and agent installation failures & Root cause analysis for the prod/non-prod tickets. Migrating existing privileged accounts (Control Minder, TPAM, Thycotic A2A) from current PAM tools to Enterprise PAM services. Understanding the Risk Management Framework (RMF), & resolving complex authentication, authorization & integration problems. Performing Privileged Access Reviews, Compliance Reporting, Entitlements Reporting, Access Control Processes and other associated tasks in the space of Privileged Accounts Security Management. Providing day-to-day operation support in adding and deleting accounts, applying policies, assigning safes, synchronizing failed accounts, Password rotations, access policy-based provisioning and onboarding privileged accounts into PAM. Patching & Monitoring Vault, Central Password Manager, Two-factor authentication, Privileged Session Manager, Password Vault Web Access servers and services. Configuring an automatic or transparent failover of components to the Disaster Recovery Vaults and Configured Incremental Vault data backups on component servers. Administering of User accounts, Group memberships, and Organizational Units using Active Directory. Build/Rebuild/Decommission servers and Post-Installation tasks. Utilizing experience with PAM authentication process for all kinds of accounts to provide multi factor authentication (includes LDAP, LDAP+RSA) and single sign on. Migrating local sudoers from UNIX/LINUX servers into Centrfiy; and managing the sudo access using Centrify to provide dzdo capability to end users where users need to re-authenticate to use dzdo access. Consolidating authentication and password management on Active Directory where users will have common access profile from a central point using Centrify Access Manager. Supervising the work of 2 Analysts.
Education: Bachelor's Degree in Computer Science, Computer Information Systems or a related field (or foreign equivalent degree).
Experience: 2 years of UNIX access administration experience; performing incident management; working with Audit; and with Splunk, Privileged Access Manager (PAM) tools and IAM controls; and 1 year of experience must include Oracle access administration; Office 365; and Centrify.
Other: Required to work nights & weekends & be on-call during non-business hours for technical support & maintenance purposes.
Location: Arlington, TX 76006
We are committed to leveraging the diverse backgrounds, perspectives and experience of our workforce to create opportunities for our people and our business; Equal Opportunity Employer: Minority/Female/Disability/Veteran.