Share this Job

Title:  Identity Access Management Principal Engineer- Remote

Job ID:  2913

Chicago, IL, US

Category:  Information Technology

Donnelley Financial Solutions (DFIN) is a leader in risk and compliance solutions, providing insightful technology, industry expertise and data insights to clients across the globe. We’re here to help you make smarter decisions with insightful technology, industry expertise and data insights at every stage of your business and investment lifecycles. As markets fluctuate, regulations evolve and technology advances, we’re there. And through it all, we deliver confidence with the right solutions in moments that matter. 


The Identity Access Management principal engineer will be responsible for end-to-end management for assigned projects related to Identity Access Management (IAM) and Privileged Access Management (PAM) initiatives including project planning, delivery, client interaction, troubleshooting, execution, monitoring, and controls. The principal engineer will provide technical expertise for the Identity Engineering team, establish and document policies, procedures and guidelines related to user and system access; assist in compliance reviews with GRC team and ensure processes and procedures align with DFIN policy.


  • Identify and implement changes needed in account access management processes, architecture design and configurations necessary to achieve the technology organization goals
  • Implement a formal program to enhance and centralize the Identity and Access Management (IAM) and the Privileged Access Management (PAM) functions
  • Formulate and define system's scope and objectives based on both user needs and a good understanding of the application, business, operational and/or industry requirements
  • Analyze, define, and prioritize the business and functional requirements for IAM initiatives. Help to develop project scope, charter, constraints, and assumptions for assigned projects
  • Establish and maintain strong partnerships with key stakeholders to establish project expectations and priorities, coordinate and regularly report on project progress and accomplishments to the project team, stakeholders, and sponsors
  • Centrally manage user security and entitlement reviews and certifications, as well as interface with internal clients and external vendors
  • Understand all IAM/PAM functions including but not limited to user entitlement reviews and conflicting combinations
  • Ensure that proper security settings are applied to reflect the model of least privilege

Additional Responsibilities:

  • Govern all system and user ID management processes along with monitoring the activity and requests where users require access in a timely manner
  • Analyze potential IAM/PAM tools and technologies to enhance and improve the processes, procedures and functions of security and identity management team
  • Develop and track key performance indicators (KPI) that demonstrate current IAM/PAM platform state and any associated risk indicators
  • Manage effective issue identification and resolution processes; Serve as a senior escalation point for all IAM/PAM operations issues with a degree of quality that results in absolute root-cause determination and drive vendor partners to provide quality assurances by requiring immediate bug fixes, software updates, etc., as necessary to ensure an Ideal Customer Experience at all times
  • Ensure IAM/PAM tools and processes adhere to DFIN governance and compliance policies
  • Create and maintain documentation as it relates to IAM/PAM platforms, design, configuration, support and processes
  • Performs other related duties and participates in special projects as assigned
  • Develop and deliver cross-training activities and encourages a knowledge-sharing environment both within and outside the department
  • Proactively identify process improvement areas and lead process improvement initiatives
  • Must participate in On-Call rotation



The qualifications below are representative of the knowledge, skills, and/or abilities required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
•    10-12 years of experience in information security including IAM and PAM technology

Desired Skills:

  • Advanced knowledge and experience with privileged identity management, identity governance and other IAM and PAM solutions such as Omada, Active Directory, Okta, Saviynt, Thycotic, CyberArk, SailPoint, BetterCloud, BeyondTrust, etc. 
  • Expert understanding of access control concepts including directory services, SAML, LDAP, PKI 
  • Adept in business analysis, requirements gathering, design documentation, and user access review process/lifecycle 
  • Working knowledge of permissions in Windows, Unix and Linux is required · Experience with Azure and AWS identity and access controls, RBAC, and monitoring desired
  • Ability to train and assist co-workers on all aspects of the program build and evolution
  • Strong communications skills (written and verbal) to communicate effectively at all levels of the organization
  • Prior experience as senior level IAM/PAM Security Administrator or Lead in production environment
  • Requires minimal supervision to perform job duties; drives DFIN’s behavioral values within the team and broader organization
  • Highest levels of accountability for project, product, and solution ownership
  • Education – Bachelor’s degree in computer science or related area, or equivalent work experience · Industry recognized certification in security (e.g., CISSP, CISA, CISM, etc.) preferred

It is the policy of Donnelley Financial Solutions to select, place and manage all its employees without discrimination based on race, color, national origin, gender, age, religion, actual or perceived disability, veteran's status, actual or perceived sexual orientation, genetic information or any other protected status. 

If you are a qualified individual with a disability or a disabled veteran, you have the right to request a reasonable accommodation if you are unable or limited in your ability to use or access as a result of your disability.  You can request a reasonable accommodation by sending an email to #BI-Remote

Nearest Major Market: Chicago

Job Segment: Computer Science, Linux, Unix, Information Security, Business Analyst, Technology