Thank you for your interest in a career at Regions. At Regions, we believe associates deserve more than just a job. We believe in offering performance-driven individuals a place where they can build a career --- a place to expect more opportunities. If you are focused on results, dedicated to quality, strength and integrity, and possess the drive to succeed, then we are your employer of choice.
Regions is dedicated to taking appropriate steps to safeguard and protect private and personally identifiable information you submit. The information that you submit will be collected and reviewed by associates, consultants, and vendors of Regions in order to evaluate your qualifications and experience for job opportunities and will not be used for marketing purposes, sold, or shared outside of Regions unless required by law. Such information will be stored in accordance with regulatory requirements and in conjunction with Regions’ Retention Schedule for a minimum of three years. You may review, modify, or update your information by visiting and logging into the careers section of the system.
Job Description
At Regions, the Identity and Access Management (IAM) Engineer is responsible for working cross-functionally across the organization with business and IT partners, as well as external service partners to deliver the Identity Governance and Administration (IGA) capabilities across Regions. This role includes role-based access controls (RBAC), attribute-based access controls (ABAC), access review/certification, automated provisioning and de-provisioning, and access requests.
Primary Responsibilities
- Designs, develops, tests, implements, and integrates Identity and Access Management (IAM) systems and solutions
- Ensures that solutions protect information resources against unauthorized use, inappropriate degrees of access, disclosure, damage and/or loss
- Analyzes and maintains data to ensure projects deliver on time
- Ensures the maintenance, patching, operating, and monitoring of IAM systems
- Supports and resolves system incidents, problems and changes
- Designs and implements reusable strategies, decisions, service components, libraries and frameworks to support enterprise-level IAM services
- Onboards new applications and creates custom workflows, rules, and reports based on business requirements
- Creates and analyzes documentation of process, guidelines, standards, technical specifications, as well as drawing network & system architecture diagrams
- Leverages bash scripting to maintain the night processing script
- Meets and encourages project teams to communicate project status, development issues/roadblocks, and requirements feasibility
This position is exempt from timekeeping requirements under the Fair Labor Standards Act and is not eligible for overtime pay.
Requirements
- Bachelor's degree and six (6) years of experience in a related field
Preferences
- Advanced understanding of UNIX security, as it relates to user access and provisioning
- Experience with Agile methodology and SDLC concepts/tools (Git, Atlassian stack)
- Experience with Linux/Unix, Windows, scripting (with programming languages such as Bash, PowerShell, or Perl), SQL, LDAP, and web services
- Experience with one or more programming languages such as Java, C#, C/C++, Python, or JavaScript
- Experience with role-based access controls and configuring automated provisioning and deprovisioning
- Experience with SailPoint (version 7.0 or later) or another IGA/IAM platform
- Recognized security industry certifications (CISSP, CIAM, etc.)
- Technical experience in systems integration or software engineering of identity and access management (IAM) solutions (such as BeyondTrust, CyberArk, AWS, Duo, OIM, Ping Identity, RadiantLogic, SailPoint, Okta, Active Directory, RACF)
Skills And Competencies
- Demonstrated ability to multi-task, to be self-initiated, and work independently
- Excellent customer service and interpersonal skills
- Excellent time management skills
- Excellent organizational, research, analytical and/or problem-solving skills to evaluate situations, make recommendations, and take effective action
- Knowledge and skill in technical problem resolution
- Strong attention to detail and outstanding analytical skills
- Strong written and verbal communication skills
- Strong Hashicorp Vault experience is a must
- Installing and configuring Vault
- Managing Vault Server clusters
- Managing access in Vault (auth methods, policies, MFA, etc.)
- Managing Secrets in Vault
- Managing Secrets Engines
- Integrating Vault in CI/CD Pipelines
- Experience with scripting (bash, Python, HCL)
- Experience with GitHub
- Experience with AWS and Azure cloud services, such as:
- AWS Application Load Balancer
- AWS EC2
- AWS Key Management Service
- AWS Secrets Manager
- AWS Certificate Manager
- AWS S3
- Azure Storage Accounts
- Azure Log Analytics Workspaces
- Azure Application Gateway and/or Load Balancer
- Azure Bastion service/AWS SSM
- Azure Key Vault
- Azure VM Scale Sets/Virtual Machines
- Azure Managed Disks
- Azure Disk Encryption Sets
- Experience using Terraform providers for AWS, Azure, and HashiCorp Vault
- Familiarity with Wiz
- Experience with remediating vulnerabilities in AWS, Azure and on-prem environments
- Working knowledge of Red Hat and Amazon Linux
This position must be within a reasonable driving distance to a Branch, Consumer Operations, or Professional Office Building with the primary location being Birmingham, AL, Nashville, TN, Atlanta, GA or Charlotte, NC. Regions will not provide relocation assistance for this position, and relocation would be at your expense. Exceptions to the geographic location requirement may be made for current Regions associates who work remotely.
Position Type
Full time
Compensation Details
Pay ranges are job specific and are provided as a point-of-market reference for compensation decisions. Other factors which directly impact pay for individual associates include: experience, skills, knowledge, contribution, job location and, most importantly, performance in the job role. As these factors vary by individuals, pay will also vary among individual associates within the same job.
The target information listed below is based on the Metropolitan Statistical Area Market Range for where the position is located and level of the position.
Minimum
Job Range Target:
$127,530.40 USD
Median
$162,680.00 USD
Incentive Pay Plans
Opportunity to participate in the Long Term Incentive Plan.
Benefits Information
Regions offers a benefits package that is flexible, comprehensive and recognizes that "one size does not fit all" for benefits-eligible associates. Listed below is a synopsis of the benefits offered by Regions for informational purposes, which is not intended to be a complete summary of plan terms and conditions.
- Paid Vacation/Sick Time
- 401K with Company Match
- Medical, Dental and Vision Benefits
- Disability Benefits
- Health Savings Account
- Flexible Spending Account
- Life Insurance
- Parental Leave
- Employee Assistance Program
- Associate Volunteer Program
Please note, benefits and plans may be changed, amended, or terminated with respect to all or any class of associate at any time. To learn more about Regions’ benefits, please click or copy the link below to your browser.
https://www.regions.com/welcometour/benefits.rf
Location Details
Atlanta Midtown
Location:
Atlanta, Georgia
Bring Your Whole Self to Work
We have a passion for creating an inclusive environment that promotes and values the differences that make each of us stand out as unique individuals and help provide valuable perspective that makes us a better company and employer. More importantly, we recognize that creating a workplace where everyone, regardless of background, can do their best work and thrive is the right thing to do.
OFCCP Disclosure: Equal Opportunity Employer/Disabled/Veterans
Job applications at Regions are accepted electronically through our career site for a minimum of five business days from the date of posting. Job postings for higher-volume positions may remain active for longer than the minimum period due to business need and may be closed at any time thereafter at the discretion of the company.