We're looking for big ideas-6.9 petabytes is a good start. That's how much data we manage and store in Information Technology at Kaiser Permanente-more than the Library of Congress can claim. We're home to some other big ideas, like creating KP HealthConnect®, the nation's largest electronic medical record system. Using social media and text messaging to help members engage in their own care. And developing predictive modeling tools that anticipate health issues before they're an issue. It's the kind of thinking that's shaping the future of technology, health care, and the lives of all 8.6 million of our members. If you're ready to contribute your own big ideas, join us.

KP Information Security, Access Management Engineering is seeking an experienced engineer of identity and access management (IAM) technologies to lead delivery of enterprise mission-critical authentication and access product/service solutions. Candidate must have excellent verbal and written communication skills and the ability to perform self-directed work within a team environment.

Role:
The IAM Access Management Engineering Lead role includes design, development, installation, integration, testing and performance monitoring of identity and access management systems, software products and applications. You will work directly with analysts, developers, testers, project managers, business partners and vendors. Also includes systems development and ongoing engineering and higher-level support. You will develop strategies and communications for internal and external stakeholders, and lead efforts as necessary.

Essential Functions:
- Stellar knowledge of identity and access management concepts, technologies, processes and how they integrate within an IT ecosystem
- Architect, design, develop, integrate and customize high-quality, highly-available and resilient access management solutions
- Partner with key stakeholders to improve the overall quality and availability of access management products and services
- Provide consultations in areas of identity and access management solution direction, issue resolution and engineering support
- Perform detailed system analysis and develop recommendations for improvement

Basic Qualifications:
- Bachelor's degree in a related field and/or a minimum of 4 years of equivalent work experience.
- A minimum of 8 years of experience in systems analysis/programming, software programming, systems development and implementation and ongoing support.
- Experience with evaluation, acquisition, installation, integration, testing and performance monitoring of systems software products and applications.

Preferred Qualifications:
- Master's degree.
- 5 or more years of experience in engineering, identity management, and/or information security, including 3 years in a lead engineer role
- Exceptional hands-on experience implementing, configuring and supporting various access management applications and technologies (Imprivata OneSign, Passlogix v-GO SSO, Oracle ESSO, Active Directory, LDAP, Ensure Xyloc, Caradigm, Vergence, Sentillion)
- Experience with desktop application packaging for Windows platforms
- Familiar with middleware- and infrastructure-related technologies including Oracle RAC database, WebLogic Application Server, Oracle Enterprise Manager and Oracle BI Publisher
- Knowledge of other access management platforms (Oracle Access Manager, Vordel/Axway API Server, PingFederate)
- Knowledge of identity management platforms (Oracle Identity Manager, Tivoli Identity Manager)
- Experience designing and integrating business processes and workflows with IT services (BPEL, Oracle SOA Suite) in the context of Oracle Identity Manager (OIM) and Oracle Identity Analytics (OIA) product suite.
- Solid experience customizing and maintaining identity management and provisioning platforms (OIM / TIM / Sun Identity)
- Experience implementing and configuring Oracle Enterprise Manager, Oracle Business Intelligence Publisher and WebLogic
- Knowledge of LDAP technologies (Tivoli Enterprise Directory, Active Directory)
- Knowledge of Authorization technologies (BitKOO, Oracle Entitlements Server, or similar)
- Successful track record architecting, designing and developing J2EE/JEE web applications
- Knowledge of Access Management applications (Oracle Access Manager, CA Siteminder)
- Strong understanding of information security fundamentals in the identity and access management space
- Clear understanding of application development best practices, with a focus on Java technologies
- Intimate understanding of RDBMS and LDAP technologies
- Proven experience analyzing, authoring and reviewing identity management designs
- Experience working with ETL technologies (Tivoli Directory Integrator, Clover ETL, or similar)
- History working with Eclipse/RAD, SVN/CVS and Apache Ant, Apache Maven and Jenkins/Hutson



Primary Location: Colorado-Greenwood Village

Scheduled Hours (1-40): 40

Shift: Day

Working Days: M-F

Working Hours Start: 8AM

Working Hours End: 5PM

Schedule: Full-time

Job Type: Standard

Employee Status: Regular

Employee Group: Salaried Employees

Job Level: Individual Contributor

Job: Information Technology

Public Department Name: Technology Risk Office

Travel: No

External hires must pass a background check/drug screen. We are proud to be an equal opportunity/affirmative action employer.