Engineer II, Identity & Access Management

---

Job description

Overview

AARP is the nation's largest nonprofit, nonpartisan organization dedicated to empowering people 50 and older to choose how they live as they age. With a nationwide presence, AARP strengthens communities and advocates for what matters most to the more than 100 million Americans 50-plus and their families: health and financial security, and personal fulfillment. AARP also works for individuals in the marketplace by sparking new solutions and allowing carefully chosen, high-quality products and services to carry the AARP name. As a trusted source for news and information, AARP produces the nation's largest-circulation publications, AARP The Magazine and the AARP Bulletin .

Information Technology Services is responsible for AARP enterprise-wide technology and information security functions. Services range from infrastructure design and operations, system and software lifecycle implementations, enabling the mobile workforce and protecting AARP network, systems and data. A variety of technologies and practices are used including cloud computing, automation, artificial intelligence and machine learning within highly collaborative Agile teams.

The Egineer II, Identity & Access Management works with cross-functional teams and customers to understand business requirements and translates into technical specifications. Discovers the true requirements underlying feature requests and recommends alternative technical approaches. Partners with cross-functional technical teams to launch projects and provide ongoing technical support. Collaborates with management to identify opportunities to streamline technology processes and develop new procedures that support the business unit/department.

Responsibilities

• Establishes a technical roadmap for the platform and/or capability strategy and lifecycle that considers value-based outcomes, costs to maintain, supportability, and performance.
• Ensures sound integration, data, security, and business architecture design throughout all stages within the platform and/or capability lifecycle.
• Provides rapid delivery and development of technical solutions that align with business and/or platform desired outcomes.
• Troubleshoots and resolves technical issues related to platform or capability systems, solutions, and services.
• Innovates and drives continuous improvements of implementation methodology and technical service offerings based on customer/employee experiences or other enterprise objectives/outcomes.
• Participates in a Community of Interest for engineers across all capability and platform teams to share information and strengthen understanding of business needs and technology-based business solutions.
• Develops and maintains deep technical knowledge and expertise related to domain area systems, solutions, services, and applications.

Qualifications

• Bachelor's degree or equivalent in Information Technology, Computer Science, Engineering or related field.
• 5+ years of hands-on experience expertly managing Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) services with Microsoft and Infoblox solutions, as well as Secure DNS and content filtering services with Cisco Umbrella and Fortinet Fortigate, for large-scale enterprises with a variety of endpoints (e.g., laptops, servers, networking equipment, IOT devices, etc.).
• 2+ years of prior experience administering public DNS with hosted solutions such as UltraDNS and AWS Route53.
• 2+ years of prior experience managing identify and access management (IAM) systems, including Microsoft Active Directory (AD) and Microsoft Entra (Azure AD), M365 Multi-Factor Authentication (MFA) and Conditional Access Policies, and Privileged Access Management (PAM) solutions, such as CyberArk
• Capable of troubleshooting complex system integrations, large-scale networks, and other performance and configuration issues with IAM solutions; planning and executing IAM product roadmap/evolution upgrades and new features; evaluating new identity technologies; and independently deploying new technologies (i.e., from High Level Design to Detailed Design to Deployment)
• Ability to identify problems and inefficiencies within our existing DNS, DHCP, and authentication services and assists with any recommended remediation/changes to correct (example: script and automate routine tasks).
• Familiarity with Jira, Confluence and ServiceNow tools for collaboration.
• Familiarity with Okta as well as cloud computing (e.g., AWS, Azure, GCP).

AARP will not sponsor an employment visa for this position at this time.

Additional Requirements

• Regular and reliable job attendance
• Effective verbal and written communication skills
• Exhibit respect and understanding of others to maintain professional relationships
• Independent judgement in evaluation options to make sound decisions
• Home office environment with the ability to work effectively surrounded by moderate home environment noise

Hybrid Work Environment

AARP observes Mondays and Fridays as remote workdays, except for essential functions. Remote work can only be done within the United States and its territories.

Compensation and Benefits

AARP offers a competitive compensation and benefits package including a 401(k); 100% company-funded pension plan; health, dental, and vision plans; life insurance; paid time off to include company and individual holidays, vacation, sick, caregiving, and parental leave; performance-based and peer-based recognition and tuition reimbursement.

Equal Employment Opportunity

AARP is an equal opportunity employer committed to hiring a diverse workforce and sustaining an inclusive culture. AARP does not discriminate on the basis of race, ethnicity, religion, sex, color, national origin, age, sexual orientation, gender identity or expression, mental or physical disability, genetic information, veteran status, or on any other basis prohibited by applicable law.

<!– job description page –>