Senior Engineer, Identity & Access Governance

Align

Yerevan, Armenia
Education
Benefits
Experience
Skills
Other
Apply
307 Similar Jobs

This position is ideal for senior-level to join the Technology Governance, Risk & Compliance (TechGRC) team within Information Security as a Senior Engineer, Identity & Access Governance (IAG), facilitating governance rollout and secure user identities and access to systems and applications across the organization. Partnering with cross-functional teams including other Information Security teams and Information Technology, you'll define effective guidance on complex subjects and oversight to ensure individuals have appropriate access to the right resources and information while maintaining compliance with internal policies and external regulations. This role is crucial in ensuring our organization's information and systems are continuously protected through comprehensive identity and access controls.

Role expectations

  • Identity Federation & Lifecyle Management: Design processes and monitoring controls for identity provisioning, de-provisioning and lifecycle management. Assist in the configuration and management of identity federation services.
  • Role-Based Access Control (RBAC): Develop role-based access control models, ensuring alignment with organizational structures, business needs and work duties.
  • User Access Governance: Monitor user access controls, including provisioning, de-provisioning, and maintaining user entitlements across various systems and applications. Assist technology teams with the onboarding into single sign-on (SSO) to streamline user authentication and access.
  • Privileged User Access Governance: Assist technology teams with the configuration of privileged user access, ensuring that access is appropriate based on roles, responsibilities, and compliance requirements.
  • Non-human Account Governance: Assist technology teams with the configuration of non-human account, ensuring that account comply with identity & access policies, management procedures and configuration standards.
  • Monitoring Control & Compliance: Design and implement monitoring controls, ensuring continuous operational enforcement of identity and access management (IAM) policies, procedures, and compliance with regulatory requirements. Conduct periodic control design and operating assessments to identity improvement areas.
  • Phishing-resistant MFA: Assist technology teams with the configuration of Passwordless sign-in, Device Conditional Access and Windows Hello for Business policies. Conduct periodic configuration assessments to identify control gaps and inconsistencies.
  • Project Management: Review project onboarding questionnaire and documentation, ensuring alignment with identity & access policies and standards. Formulate risk-based requirements and track implementations until completion.
  • Incident Response & Mitigation: In partnership with stakeholders develop and implement incident response plans for identity and access-related incidents, including unauthorized access attempts, MFA & Passwordless bypasses, and potential security breaches. Capture lessons learned and formulate risk mitigation and improvement proposals.
  • Management Information System (MIS): Develop and maintain the Identity & Access Governance MIS, ensuring data are received and processed with strong accuracy to automate monitoring controls and reporting (current status and trends).
  • Documentation & Reporting: Create effective documentation on identity & access governance policies, procedures, standards, controls, and configurations. Design and produce periodic reports with key metrics on governance activities, monitoring controls, usage patterns and compliance status. Provide insights for ongoing improvements in security posture.
  • Service Delivery: Design and implement identity & access governance-related services. Process service requests as per defined service levels (on-time, on-quality) in partnership with key stakeholders.
  • Collaboration & Communication: Work closely with IT, Information Security, HR, and business units to ensure seamless identity & access lifecycle management.
  • Continuous Improvement: Stay up-to-date with emerging trends, tools, and good practices in identity & access management. Provide recommendations for improving processes, controls, technologies and tools.
  • Other duties as assigned to meet business needs, contribute to broader projects and support colleagues.

What we're looking for

  • Education: Bachelor's or Master's degree in Computer Science or equivalent work experience.
  • Experience: 8+ years' experience in identity and access management, information security, IT risk management, technology compliance, or similar role.
  • Communication: Strong presentation and communication skills; ability to translate technical concepts into business risk language.
  • Analytical Skills: Strong ability to analyze complex security challenges and develop actionable solutions that balance security and business requirements.
  • Problem Solving: Strong ability to address and resolve complex issues in identity and access governance.
  • Teamwork: Strong ability to work both collaboratively and independently achieving most of the goals set with little guidance.
  • Development: Strong SQL programming as well as PowerShell and Python scripting; PostgreSQL and Amazon RDS administration; workflow/automation programming (preferably with n8n).
  • Project Management: Skilled in managing multiple complex projects, priorities, and deadlines in a fast-paced environment.

Complementary skills

  • Ability to understand the big picture and connect the dots between theory and day-to-day operability.
  • Strong English-speaking skills with experience working at a global company.
  • Strong understanding of the Microsoft 365 suite of tools relating to managing user identities, entitlement and accesses.
  • Strong knowledge of IAM concepts, RBAC, SSO, MFA, least privilege, segregation of duty and need to know principles, and security frameworks.
  • Understanding of privileged identity and access management (PAM/PIM).
  • Experience with regulatory frameworks such as SOX, HIPAA, GDPR.
  • Certifications: Certified Identity Management Professional (CIMP), Certified Identity and Access Manager (CIAM), or other related credentials are a plus.

About Align Technology

Your growth and well-being:

At Align, every smile matters. We’re committed to helping you thrive by supporting the health, growth, and well-being of our team members through a variety of tools and programs. While specific offerings may vary by location and role, Align employees can typically expect:

  • Health and well-being programs to keep you thriving in both body and mind.
  • Employee-exclusive discounts on Invisalign products.
  • Learning opportunities through online learning resources and support for your individual development plans.
  • Inclusive, global workplace that fosters collaboration, recognition and belonging.

Country and/or role specific details will be shared with you by your recruiter during the interview process.

Discover Align:

We are a global community of game-changers and smart team players, united by our belief in the power of a smile. Our dynamic team of exceptional employees is dedicated to transforming the industry and creating extraordinary outcomes every day.

Align’s core values of agility, customer, and accountability are more than words to work by, they are words we live by. The actions we take every day speak to who we are as a company and our focus on being truly impactful. We celebrate our differences, and the many ways we support one another— ultimately creating a more inclusive organization and world as we continue transforming smiles and changing lives.

We foster a culture where thinking differently and seeking new experiences are not just encouraged but celebrated. With the Align Mindset, we empower each other, ensuring every voice is heard and valued in an inclusive environment that inspires creativity and collaboration.

At Align, we believe in the power of a smile, and we know that every smile is as unique as our employees. As we grow, we are committed to building a workforce rich in diverse cultural backgrounds and life experiences, fostering a culture of open-mindedness and compassion. We live our company values by promoting healthy people and healthy communities, all with the intent of changing millions of lives, one unique smile at a time.

As part of our commitment to innovation, Align Technology includes exocad and Cubicure, companies that enhance our offerings and extend our impact to industry transformation.

Eager to learn how we embrace our global differences and nurture employee well-being?

Explore Align's culture here!

Want to discover more about exocad and Cubicure? Click on their names for additional information.

Applicant Privacy Policy:

Review our Applicant Privacy Policy for additional information.

Equal Opportunity Statement:

Align Technology is an equal opportunity employer. We are committed to providing equal employment opportunities in all our practices, without regard to race, color, religion, sex, national origin, ancestry, marital status, protected veteran status, age, disability, sexual orientation, gender identity or expression, or any other legally protected category. Applicants must be legally authorized to work in the country for which they are applying, and employment eligibility will be verified as a condition of hire.

Apply Now

Read Full Description
Apply
Jobs at Align
Similar Jobs
Confirmed 15 hours ago. Posted 3 days ago.

Discover Similar Jobs

Suggested Articles

Leaving Consulting: The Why, When, How and What For?
Managing a Software Career
Demand for (Artificial) Intelligence: Jobs for Engineers & Scientists
Is it Really 10 Times Harder to Get Into Google Than Goldman Sachs?
How to Master the Technical Interview at Google and Facebook
Customer Success