Manager - IAM Services (US - Remote)

Company: Avantor
Location: Portland
Posted on: March 16, 2023

Job Description:

Job Summary Reporting to the Director of Engineering Services, the IAM Services Manager is responsible for leading the architecture, design, development, and ongoing support of Avantor's unregulated as well as the Gov/regulated enterprise Active Directory environments and processes. The position will interact directly with the other Engineering Services Teams, the Engineering Architect, application developers, other infrastructure architects, cloud providers, as well as other system administrators to gather technical requirements, resolve complex technical issues and implement enterprise and cloud-based authentication solutions. The IAM Services Manager will collaborate with the IT Security team on initiatives to drive compliance and security for Avantor's environment. The IAM Services Manager will manage a team which provides global 3rd level support and troubleshooting for core Identity and Access Management tools, Active Directory and Azure AD services, related AD management tools and certificate services. As part of this well-respected IT group you will enjoy a wide variety of self-directed work within a supportive team environment. MAJOR JOB DUTIES AND RESPONSIBILITIES (List in order of importance)

• Manages a team which provides project and tier 3 related support for Active Directory, Azure AD and Identity & Access Management solutions for both regulated and unregulated environments.
• Sets team direction and goals, coaches and counsels staff to accomplish goals and has performance management responsibility for the team.
• Provides project management and technical consulting on authentication and identity management projects and initiatives.
• Provides reporting on project and initiative progress of the IAM team.
• Manages license compliance, budgets and purchasing/legal review process related to IAM products and tools
• Defines and implements policies and governance for Identity and Access Management in an enterprise setting in close collaboration with the Information Security and Risk Management team.
• Leads the architecture, design, deployment and support of IAM Services, including Privileged Access Management and Identity Management tools.
• Maintains and improves Multi-factor authentication solutions.
• Defines policies for the delegated administration of group policies and object management in AD and AAD.
• Designs and implements single sign-on solutions for cloud-based applications.
• Other duties as assigned. QUALIFICATIONS (Education/Training, Experience and Certifications)
  • 3+ years leadership/supervisory experience.
  • Minimum of 8 years technical experience in IT with a focus on Active Directory or other IAM services. 6+ in IT Lead/Senior Technical role or similar.
  • Bachelor's Degree in Computer Science or equivalent work experience required.
  • Architecture and design experience with Active Directory.
  • Experience running enterprise scale IAM projects and tools.
  • Industry experience in pharma, life sciences, warehouse and/or manufacturing is a plus
  • Experience with Lean principles is a plus
  • Microsoft (Azure & Identity) and/or AWS certification is a plus KNOWLEDGE SKILLS AND ABILITIES (Those necessary to perform the job competently)
    • Knowledge:
      • Strong knowledge of Active Directory and Azure AD services e.g. - AD Domain Services, Azure AD Connect, GPOs, DHCP, DNS, AD Certificate Services, DFS, MIM, MFA, SSO, etc.
      • Good Knowledge of AD Integration, synchronization and federation with Azure, Azure AD, Microsoft 365, Cisco DUO, PAM (e.g. CyberArk), Identity Governance (e.g. Okta, Saviynt) as well as Windows Server OS
      • Good knowledge of ZeroTrust principles as well as Active Directory and Azure AD security best practices
      • Knowledge of implementing Active Directory and Azure AD at enterprise scale
      • Knowledge of designing and implementing policies around Delegated Administration for managing Group Policy Objects, Servers, Devices, and Shared Drives
      • Experienced in Active Directory and Azure AD incident and problem management.
      • Knowledge of cloud platforms, especially AWS would be a plus
      • Broad knowledge of information technologies
      • Skills:
        • Demonstrated excellence in a variety of competencies including teamwork/collaboration, analytical thinking, and troubleshooting
        • Excellent written and verbal communication skills
        • Good presentation skills
        • Abilities:
          • Ability to define project scopes, timelines and efficiently advance projects from start to finish
          • Accustomed to work within the ITIL/ITSM framework of Incident, Problem, Change, and release management
          • Ability to be an on-call escalation point for production support and scheduled off-hours/weekend work if/when required
          • Additional qualities:
            • Desire to focus on and please the customer, ability to understand requests from the customer's point of view
            • Experience leading project initiatives, effectively communicating requirements, and delegating project tasks as needed
            • Commitment to high professional and ethical standards in a diverse workplace
            • Self-motivated and flexible ENVIRONMENTAL WORKING CONDITIONS & PHYSICAL EFFORT (Under Typical Positions)
              • Remote work is an option, with the ability to remain as such if agreed upon during the hiring process (monthly or quarterly office visits are highly encouraged)
              • Hybrid-work is preferred by many coworkers in this organization, ranging from two to four days in the office and one to three days from home
              • Full-time work from the office is also an option
              • Reasonable flexibility in working hours is mutual, flexibility may be agreed to for support of personal needs and can also be necessary to support work activities and deadlines
              • Personal computer will be supplied, adequate network connectivity while working remotely is required and is the responsibility of the individual
              • Diverse abilities may be accommodated in this role more easily than a similar role at other companies for reasons that include the remote-work potential, the use of Microsoft Teams for nearly all remote meetings (enabling near real-time closed captioning during meetings) and/or working hours flexibility
              • Offices have adequate lighting and ventilation and a normal range of temperature and noise level
              • Some offices have been modernized and include amenities such as optional standing desks, please inquire during the interview process
              • A frequent volume of work and deadlines does impose some strain
              • Typically work is performed during the business hours of North American eastern time, with occasional flexibility up or down to support after hours releases or meetings with India, Europe and Western US.
              • Work assignments vary and are not highly documented into standard operating procedures, prior experience and precedent are often used to fulfill requests
              • New alternatives to improve productivity and reduce effort are welcome and encouraged
              • Minimal physical effort is required, work is mostly sedentary
              • Limited travel domestically and internationally may be required. DISCLAIMER:
                The above statements are intended to describe the general nature and level of work being performed by employees assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of employees assigned to this position.
                Avantor is proud to be an equal opportunity employer. EEO Statement: We are an Equal Employment/Affirmative Action employer. We do not discriminate in hiring on the basis of sex, gender identity, sexual orientation, race, color, religious creed, national origin, physical or mental disability, protected Veteran status, or any other characteristic protected by federal, state/province, or local law. If you need a reasonable accommodation for any part of the employment process, please contact us by email at recruiting@avantorsciences.com and let us know the nature of your request and your contact information. Requests for accommodation will be considered on a case-by-case basis. Please note that only inquiries concerning a request for reasonable accommodation will be responded to from this email address. For more information about equal employment opportunity protections, please view the Equal Employment Opportunity is THE LAW Poster, EEO is the Law Poster Supplement, and Pay Transparency Non-Discrimination Provision using the links below. EEO is the Law OFCCP EEO Supplement PAY TRANSPARENCY NONDISCRIMINATION PROVISION 3rd Party Non-Solicitation Policy: By submitting candidates without having been formally assigned on and contracted for a specific job requisition by Avantor, or by failing to comply with the Avantor recruitment process, you forfeit any fee on the submitted candidates, regardless of your usual terms and conditions. Avantor works with a preferred supplier list and will take the initiative to engage with recruitment agencies based on its needs and will not be accepting any form of solicitation.

Keywords: Avantor, Portland , Manager - IAM Services (US - Remote), Executive , Portland, Maine