Identity Security Engineer

The position requires someone capable of managing sophisticated technical details and who is proficient across multiple disciplines (planning, requirements gathering and validation, system design, development, operations, and configuration). Due to the global nature of the enterprise directory data management services and Azure Active Directory system, this position provides the outstanding opportunity to engage with multiple business teams, joint ventures, and different Ford IT organizations (Office of the CIO/Strategy, IT Operations, Application Development, and Enterprise Connectivity etc.).  

• Software Design: The role requires designing secure and scalable Identity and Access Management (IAM) solutions. This includes architecting custom systems, designing secure APIs, and defining data models to protect user identities and access policies.

• Identity & Access Management (Microsoft Entra ID): Design, implement, and manage identity solutions using Microsoft Entra ID, including user lifecycle management, group memberships, and Administrative Units, configure and maintain security features such as Multi-Factor Authentication (MFA), Passwordless authentication, and Entra ID Protection.  Develop and enforce Conditional Access policies to ensure secure, least-privilege access to corporate resources.  

• Programming/Coding (e.g., Python): The candidate must utilize programming skills to develop and automate security tools and platforms. Responsibilities include coding custom IAM solutions, building secure APIs, and implementing the core logic for password management applications.

• Operating Systems: A deep understanding of operating systems (e.g., Linux, Windows) is needed to harden and secure the underlying infrastructure. This involves configuring OS-level security controls and ensuring the secure deployment of IAM platforms.

• CI/CD Pipeline Management (e.g., Jenkins, GitHub): The position involves managing and securing CI/CD pipelines. The candidate will integrate automated security testing into the development lifecycle to ensure code is secure from development to deployment (DevSecOps).

• Version Control (e.g., GitHub): The candidate will use version control systems to manage codebase changes for security applications and enforce best practices like code reviews and branch protection to maintain code integrity.

• Cloud Computing (e.g., Azure): The role requires leveraging cloud platforms like Azure to build, deploy, and manage secure IAM solutions. Experience should include configuring cloud identity services (e.g., Azure AD) and managing cloud infrastructure security.

• Databases (e.g., SQL, MongoDB): The candidate must have experience with various databases to securely store and manage sensitive user identity and access data. Responsibilities include designing secure database schemas and protecting encrypted user credentials.

• Responsible for enterprise identity provisioning and enterprise directory and Azure Active directory data management in the Security Service Department.
• Provide critical 7x24 support of Enterprise Identity & Access Management 

• Release engineering, provisioning and maintenance of infrastructure, system administration and security.

• Incident, Knowledge, Problem, JIRA and Change Management

• Maintain & test DR document, and perform backup and disaster recovery procedures

• Maintain documentation of all Operations administrative processes, procedures, and configurations.

• Interact with team members to improve tools, technology stack, and application performance and stability.
• Resolve operational concerns through collaboration with customers, engineering SMEs, and product vendors.
• Propose, configure, and implement enterprise solutions (covering both process and technical aspects) according to established standards and best practices
• Lead the design, implementation, integration, and maintenance of software, technical infrastructure, and services (all aspects of the technology lifecycle)
• Develop implementation requirements for technical infrastructure and services
• Develops project charters and/or project requirements (cost, timing, scope, contingency, and risks)
• Develop support and deployment plans for technical infrastructure and services

• Automate server related maintenance tasks

• Collaborate closely with customers, engineering SMEs, and product vendors to resolve issues.

• Deploy product updates, identifying production issues and implementing integrations that meet customer needs.

• Bachelor's degree in Computer Science, Information Technology, Electrical Engineering, or a closely related field of study
• 4+ years of IT experience