Senior Information Security Engineer - Identity

LinkedIn is the world's largest professional network, built to create economic opportunity for every member of the global workforce. Our products help people make powerful connections, discover exciting opportunities, build necessary skills, and gain valuable insights every day. We're also committed to providing transformational opportunities for our own employees by investing in their growth. We aspire to create a culture that's built on trust, care, inclusion, and fun - where everyone can succeed. Join us to transform the way the world works.ted to diversity in its workforce and is proud to be an equal opportunity employer.

We are looking to hire a Senior Information Security Engineer for the Identity and Access Management team who will own the strategy and delivery of our enterprise wide SSO Integrations. This role will collaborate with teams throughout the organization to guide our business and users to a productive and secure user experience. Our business solutions are constantly evolving. This role also involves engineering and operational duties in operating and managing SSO integrations, Active Directory, Azure AD and requires an innovative stance on the future of authentication and identity management at LinkedIn.

At LinkedIn, our approach to flexible work is centered on trust and optimized for culture, connection, clarity, and the evolving needs of our business. The work location of this role is hybrid, meaning it will be performed both from home and from a LinkedIn office on select days, as determined by the business needs of the team.

This role will be based in LinkedIn's Mountain View campus.

Responsibilities

• Production support of IAM/SSO/RBAC infrastructure

• Manage a large active directory environment

• Manage and enable SSO integrations with Okta/ADFS/Azure. Working with Vendors and internal businesses to onboard cloud or internal applications

• Device trust management for MAC, Windows, IOS and Android devices

• Identify and drive business critical metrics with forward looking initiatives

• Formulate and streamline processes to help uplift the team

• Develop and update automation tools and scripts using preferred language

• Proactively identifies gaps, plans, implements, updates, maintains, manages, monitors, and supports enterprise IAM/SSO Tools

• Develop and execute high profile project plans in coordination with the project management team and peers

• Resolve complex technical issues in a Tier 3 capacity. Participate in an on-call rotation supporting our core services

• Educate and advocate for IAM/SSO security improvements throughout the LinkedIn ecosystem

Basic Qualifications

• BA/BS Degree in Computer Science or related technical discipline, or related practical experience

• 5+ years in IT, 3+ years of experience related to authentication (SAML/SSO) and identity management technologies in enterprise environments

• Hands on working experience with AD ecosystem, including MS PKI infrastructure

• Experience with technologies and protocols to support identity federation and robust access control models (e.g., SAML 2.0, WS-Federation, OAuth, OpenID Connect)

• Knowledge of typical enterprise identity life cycle management processes and standards

• Experience enabling integrations for Okta SSO

• Experience with directory services such as Active Directory, LDAP, VDS

• Experience in change management, participate in peer reviews

• Experience Multi-Factor Authentication (MFA) solutions and technologies

• Knowledge of End-to-End user lifecycle management from provisioning to deprovisioning using custom tools or enterprise solutions

Preferred Qualifications

• General knowledge of cloud architectures as well as complex enterprise on-premises IT landscapes

• Experience enabling integrations for AzureAD

• Experience in scripting, specifically with either PowerShell, Python or Java

• Experience with authorization/access control models.

• Experience developing, deploying, and managing identity management solutions

• Experience with configuring SSO using variety of federation solutions such as Okta, Ping, SiteMinder etc

• Experience with Identity security concepts such as zero trust, PAM, JIT access etc.

• Experience with designing/building scalable identity solutions

• Expert in one more scripting or developer language such as Python or GoLang

• Ability to identify, define, and document operational duties and processes for junior team members

• Azure AD and Azure SSO experience

Suggested Skills

• Python

• Cloud architecture

• Authentication & Identity management

LinkedIn is committed to fair and equitable compensation practices.

The pay range for this role is $121,000-198,000. Actual compensation packages are based on several factors that are unique to each candidate, including but not limited to skill set, depth of experience, certifications, and specific work location. This may be different in other locations due to differences in the cost of labor.

The total compensation package for this position may also include annual performance bonus, stock, benefits and/or other applicable incentive compensation plans. For more information, visit ~~~.

Equal Opportunity Statement

LinkedIn is committed to diversity in its workforce and is proud to be an equal opportunity employer. LinkedIn considers qualified applicants without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, marital status, pregnancy, sex, gender expression or identity, sexual orientation, citizenship, or any other legally protected class. LinkedIn is an Affirmative Action and Equal Opportunity Employer as described in our equal opportunity statement here: ~~~. Please reference ~~~ and ~~~ for more information.

LinkedIn is committed to offering an inclusive and accessible experience for all job seekers, including individuals with disabilities. Our goal is to foster an inclusive and accessible workplace where everyone has the opportunity to be successful.

If you need a reasonable accommodation to search for a job opening, apply for a position, or participate in the interview process, connect with us at ~~~ and describe the specific accommodation requested for a disability-related limitation.

Reasonable accommodations are modifications or adjustments to the application or hiring process that would enable you to fully participate in that process. Examples of reasonable accommodations include but are not limited to:

-Documents in alternate formats or read aloud to you

-Having interviews in an accessible location

-Being accompanied by a service dog

-Having a sign language interpreter present for the interview

A request for an accommodation will be responded to within three business days. However, non-disability related requests, such as following up on an application, will not receive a response.

LinkedIn will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by LinkedIn, or (c) consistent with LinkedIn's legal duty to furnish information.

Pay Transparency Policy Statement

As a federal contractor, LinkedIn follows the Pay Transparency and non-discrimination provisions described at this link: ~~~.

Global Data Privacy Notice for Job Candidates

This document provides transparency around the way in which LinkedIn handles personal data of employees and job applicants: ~~~