Rivian

United States, California, Irvine, United States

Posted on: 2022-06-29

Category: emobility

Employment type:

Full time

Experience required:

Intermediate

Salary

Salary not provided

Staff IAM Engineer

About the company:

Doing something different is never easy. It requires courage, optimism and grit. Core to our mission is building a team of adventurous individuals determined to make a positive impact on the world. This means challenging ourselves constantly. Stretching beyond the bounds of conventional thinking. Reframing old problems. Seeking new solutions. And operating comfortably in a space of uncertainty. While our backgrounds are diverse, our team shares a love of the outdoors and a desire to protect it for future generations. Do you like doing the impossible? We’d love to hear from you.

Rivian is on a mission to keep the world adventurous forever. This goes for the emissions-free Electric Adventure Vehicles we build, and the curious, courageous souls we seek to attract. 

As a company, we constantly challenge what’s possible, never simply accepting what has always been done. We reframe old problems, seek new solutions and operate comfortably in areas that are unknown. Our backgrounds are diverse, but our team shares a love of the outdoors and a desire to protect it for future generations. 

Role Name: Staff Identity and Access Engineer         

Description:

This would be a senior position that would be acting as the SME of Rivian’s identity management platform and services. This position requires technical knowledge and experience in implementing and supporting enterprise Identity Access Management platforms and systems. The role is responsible for the development and design of IGA system architecture, integrations and frameworks in an automated, measurable, and repeatable manner that aligns tightly with business needs with a big picture mindset.

Requirements:

  • 6+ years relevant experience in Identity Solution Management.
  • 4+ years architecting and leading SailPoint IdentityNow implementations including application onboarding, customized workflows, access requests, certification campaigns, rules reports and enhanced automation for desired results to meet business requirements.
  • Experience when dealing with large quantities and types of identities.
  • Strong hands-on scripting experience. Preferably Python & JS working with JSON/XML/SOAP as well as interacting via REST.
  • Experience with integrations to HR System of Records (Authoritative Source), ServiceNow Applications integration (Access Requests/etc), Active Directory, Azure Active Directory, AWS and others.
  • Experience facilitating Privileged and Regular user access reviews.
  • Experience working with Role Based Access Controls (RBAC) and understanding joiner, leaver, and mover scenarios while leveraging reliable data points for automation.
  • Strong troubleshooting and collaboration capability with experience related to connected systems. This can range from security/network protocols to business processes.
  • Experience in gathering SailPoint IdentityNow & Business requirements, completing attribute mappings, sync between source systems and SailPoint IdentityNow.
  • Experience working within an SOX environment
  • Experience with AWS environment and resources
  • Knowledge of SSO configurations (OIDC, SAML2) with MFA (Azure Conditional Access Policies).
  • Knowledge of Microsoft Active Directory (On Prem) and Azure Active Directory (more than just users and groups)
  • Leadership skills and qualities which enable you to work with peers and various levels of management
  • Cloud, automation, big picture, and security focused mindset.

 

Responsibilities:

  • Work with stakeholders to understand business processes, internal control risk management, IT controls and related standards and implement them/make them more efficient
  • Provide documentation, test cases, test plans and support processes for the platform/integrations.
  • Perform Regular and Privileged User Access Reviews (UARS) regularly to satisfy compliance requirements
  • Communicate to clients and partners aspects of both the product and the implementation at the technical and functional level appropriate for the situation
  • Work with other teams to improve and stabilize data flow from HRIS platforms to connected systems/applications
  • Design, develop, test, implement, and document workflows, custom connectors, and other custom software to meet client requirements
  • Find areas of opportunity to automate where needed to help alleviate of manual tasks
  • Identify, analyze, and address problems to resolve issues in a way that minimizes negative impact and risk to the organization
  • Participate in an enterprise company change management process for teams’ efforts
  • Lead Peer review implementations for production deployments
  • Cross train team members around best practices for IdentityNow/automations or processes
  • Lead efforts in working with support for IAM Solution related issues
  • Participate in on-call rotation to provide excellence of service to the organization
  • Participate in work/project/sprint planning efforts

 

 

Job Type: Full-time

Education:

  • Bachelor's degree or higher required; Advance degree in IT related field or extensive experience in SailPoint implementation and deployment.

 

Equal Opportunity

Rivian is an equal opportunity employer and complies with all applicable federal, state, and local fair employment practices laws. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, ancestry, sex, sexual orientation, gender, gender expression, gender identity, genetic information or characteristics, physical or mental disability, marital/domestic partner status, age, military/veteran status, medical condition, or any other characteristic protected by law.

Rivian is committed to ensuring that our hiring process is accessible for persons with disabilities. If you have a disability or limitation, such as those covered by the Americans with Disabilities Act, that requires accommodations to assist you in the search and application process, please email us at [email protected].

Candidate Data Privacy

Rivian may collect, use and disclose your personal information or personal data (within the meaning of the applicable data protection laws) when you apply for employment and/or participate in our recruitment processes (“Candidate Personal Data”). This data includes contact, demographic, communications, educational, professional, employment, social media/website, network/device, recruiting system usage/interaction, security and preference information. Rivian may use your Candidate Personal Data for the purposes of (i) tracking interactions with our recruiting system; (ii) carrying out, analyzing and improving our application and recruitment process, including assessing you and your application and conducting employment, background and reference checks; (iii) establishing an employment relationship or entering into an employment contract with you; (iv) complying with our legal, regulatory and corporate governance obligations; (v) recordkeeping; (vi) ensuring network and information security and preventing fraud; and (vii) as otherwise required or permitted by applicable law. 

Rivian may share your Candidate Personal Data with (i) internal personnel who have a need to know such information in order to perform their duties, including individuals on our People Team, Finance, Legal, and the team(s) with the position(s) for which you are applying; (ii) Rivian affiliates; and (iii) Rivian’s service providers, including providers of background checks, staffing services, and cloud services. 

Rivian may transfer or store internationally your Candidate Personal Data, including to or in the United States, Canada, the United Kingdom, and the European Union and in the cloud, and this data may be subject to the laws and accessible to the courts, law enforcement and national security authorities of such jurisdictions.  

 

Please note that we are currently not accepting applications from third party application services.