Principal IT Production Engineer - Identity & Access Management (IAM) at King County, WA

About the Department

King County Department of Information Technology (KCIT) is seeking an IT Production Engineer-Principal – IAM. The Principal IAM Production Engineer will help lead the Engineer team within Security and Privacy on Identity and Access Management systems and services. They will troubleshoot, identify, and resolve technical identity and access management related issues across our On-Premise and Cloud Identity infrastructure.

KCIT uses the power of technology to digitally transform King County. Building vibrant communities through digital equity and social justice, KCIT offers innovative solutions that engage, empower, and serve our residents, businesses, communities and interested stakeholders. As the first-place recipient of the 15th annual National Association of Counties (NACo) Digital Counties Survey, KCIT is recognized for its vision, strategy, innovation, and collaboration. KCIT has a focus of delivering smart technology solutions that support customers, building stronger communities through innovation. 
 
KCIT is providing the building blocks for many of the region's most critical services. As the business solutions partner, we collaborate with the 18 County departments to develop products and services that better serve the needs of our customers and our community. To learn more about KCIT, please visit: http://kingcounty.gov/depts/it.aspx

Position Duties

• Work with the Identity Architect to implement strong Identity Management processes.
• Collaborate effectively with the other Principal Engineers to assure a robust IAM environment while also looking to the future to improve workflows and systems where needed.
• Keep up with the ever-changing IAM landscape by tracking all changes to the technologies in use as well as the security ramifications involved.
• Implement technology roadmaps.
• Troubleshoot complex system issues and coordinate progress with customers and stakeholders, while collaborating with vendors, and KCIT cross-functional teams.
• Create standard operating procedures, establish processes, and documentation, maintain services, write automation scripts, and implement work tasks.
• Collaborate with vendors, colleagues and business partners to design and implement solutions and enhance services that meet business requirements.
• Drive automation and best practices to improve consistency and customer experience. 
• Establish and support system documentation and cross-train team members on technical systems.
• Act as technical lead for application projects, overseeing KCIT technical requirements for systems while coordinating and collaborating with customers, stakeholders, vendors and KCIT cross-functional teams.
• Lead change management, conceptual design review, architectural review, and risk mitigation processes as the owner, ownership of project-based technology aspects. 
• Utilize organizational and time management skills while balancing multiple ongoing projects and system maintenance.
• Continuously learn about and apply knowledge on technologies and systems being utilized within KCIT.

Minimum Qualifications

We want to hear from you if you possess the following required qualifications:

• Possess a minimum of five (5) years of professional experience in Information Technology, with demonstrated expertise in IAM systems, protocols, and operational support or a combination of education and experience that meets the requirements.
• Expert level knowledge on the inter-workings of Active Directory and Entra ID.
• Thorough understanding of Public Key Infrastructure, Certificate Management and HSMs.
• Background in managing Enterprise Applications and Registrations.
• Good working knowledge of Privileged AccessIdentity Management. 
• Expert level knowledge of DNS and DHCP.
• Full understanding of Modern authentication, particularly related to Azure (SSO, Tokens, MFA, API permissions, etc.)
• Full understanding of Group and Identity lifecycle management.
• Experience with AD Connect, Cloud Sync, and Access Reviews.
• MIM experience required.
• Azure Arc, Defender XDR, MS Graph, and KQL experience for auditing and troubleshooting Identity issues.
• Intune and SCCM Device Management and Compliance Policies.
• Solid understating of networking concepts, Border segments, Trusts, and Policies.

• Application proxy competency.
• History with Guest access and B2C a plus.
• Technical certifications related to information security, risk or compliance, information technology such as network, server, database, cloud infrastructure or engineering, project management methodologies, leadership or other relevant certifications. 

Other Qualifications

Hybrid Work

The work associated with this position will be performed through a combination of onsite work and telecommuting. Employees will have access to shared workspaces at various King County facilities. Employees must reside in Washington state and within a reasonable distance to their King County worksite to respond to workplace reporting requirements. King County has a robust collection of tools and resources to support when working remotely.  

Classification

IT Production Engineer - Principal - 741701

Union 

This position is represented by Protec17: Information Technology 

Work Schedule

The normal work week for this position is Monday through Friday, 8:00 a.m. to 5:00 p.m. Alternative work schedules may be considered. This position is FLSA Exempt and is not eligible for overtime pay. 

**This position participates in an After-Hours Support Rotation
 

Forbes named King County as one of Washington State's best employers.

Together, with leadership and our employees, we're changing the way government delivers service and winning national recognition as a model of excellence. Are you ready to make a difference? Come join the team dedicated to serving one of the nation's best places to live, work and play.

Guided by our "True North", we are making King County a welcoming community where every person can thrive. We value diversity, inclusion and belonging in our workplace and workforce. To reach this goal we are committed to workforce equity. Equitable recruiting, support, and retention is how we will obtain the highest quality workforce in our region; a workforce that shares and will help advance our guiding principles - we are one team; we solve problems; we focus on the customer; we drive for results; we are racially just; we respect all people; we lead the way; and we are responsible stewards. We encourage people of all backgrounds and identities to apply, including Native American and people of color, immigrants, refugees, women, LGBTQ+, people living with disabilities, and veterans.

King County is an Equal Employment Opportunity (EEO) Employer

No person is unlawfully excluded from employment opportunities based on race, color, religion, national origin, sex (including gender identity, sexual orientation and pregnancy), age, genetic information, disability, veteran status, or other protected class. Our EEO policy applies to all employment actions, including but not limited to recruitment, hiring, selection for training, promotion, transfer, demotion, layoff, termination, rates of pay or other forms of compensation.

Are you ready to APPLY!?

The recruitment for this position is open to all qualified candidates. This recruitment may be used to fill future vacancies. A completed King County Application detailing your experience and qualifications is required. Applications submitted without all material will not be considered. 

Questions

If you have questions regarding this recruitment, please contact Ira Becton, [email protected] or 206-492-6919.