Clicking on the following button will update the content below

Identity Engineer
BrandBest Buy

Best Buy is not only a retailer but also a technology-based company, where technology itself is at the heart of our operation. Our Information Technology organization is transforming to play an even more integral role in helping the company define and execute key elements of the business model. Since 2004 Best Buy has operated its information technology functions in a largely outsourced structure and maintained a small internal team focused on aligning business strategies and the work of our outsourcing partners.
Today, Best Buy is moving to a multidimensional IT model and expanding the internal teams and capabilities necessary to drive the IT strategy, architecture and technology solutions that support Best Buy's growth. Our IT environment is fast-paced and constantly changing to meet the demands of our diverse business offerings.

We are seeking a driven, team-focused Identity Engineer to support and improve our identity governance platforms. This security minded professional will work on a variety of projects to securely integrate systems on top of a common identity platform.

Key Responsibilities
  • IAM B2B Implementation and Management including Vendor Registration, Vendor Account Management, Password Management, Organization based access, RBAC, ABAC and Policy based Access.
  • IAM configuration, implementation, and management of IAM solutions including user provisioning, Single Sign-on, directory services, App onboarding, Access Certification, etc.
  • IAM management and governance; User Provisioning, Access Certifications, Access Request, Workflow, Delegated Administration, and Password Self-Service
  • IAM /IDM experience including Role management, entitlement, access certification, privileged access controls, separation of duties (SOD), user/ application provisioning, de-provisioning, RBAC, etc.
  • Identity governance and provisioning experience with LDAP based directories like Active Directory AD, OUD & ODSEE (groups, users and file share permissions)
  • Custom capability/feature development and systems integration using identity governance platforms from Oracle, Sailpoint or Saviynt, both on-premise and IdaaS.
  • Infrastructure management including lifecycle patching, upgrades, and support on the identity governance platforms
  • Implement and manage data feeds between multiple identity stores
  • Work with repository owners to define requirements and establish rules for managing identities
  • Establish access policies to control provisioning of accounts
  • Serve as a senior technical resource demonstrating leadership skills in systems engineering and software development
  • Work with product vendors on roadmap, upgrades and troubleshooting product issues
  • Improve the time, cost, and risk associated with identity administration, while driving future direction and evolution of identity management technologies and processes.
Minimum Qualifications:
  • 5 or more years of experience in Information Technology, Information Systems, Software Development or similar fields.
  • 3 or more years of experience with Identity and Access Management (IAM), with additional experience within Identity governance processes, capabilities and features like lifecycle management, birth right provisioning and de-provisioning, password management, access certification workflows.
  • 3 or more years of experience migration/synchronization of data and provisioning/de-provisioning of users.
  • 1 or more years of experience implementing web services in a Service Oriented Architecture
  • 1 or more years developing general purpose services, usable by a variety of authorized systems and applications
  • Experience customizing COTS identity governance product functionality to fulfill requirements that cannot be met with standard out-of-box functionality
  • Understanding of XML concepts, API concepts and processing
  • Understanding of SCIM standard specifications for identity provisioning
Preferred Qualifications:
  • Experience with the top identity governance tools like OIG, Sailpoint IQ and/or Saviynt Identity
  • Specifying technical requirements for leadership for data integrity, privacy and security of directory services
  • Specifying guidelines and supporting processes for integration, administration and maintenance
  • Experience interacting with application teams that manage major user repositories and/or need to automate/standardize user access request process, to gather requirements, design and deliver solution to integrate with the existing IDM implementation
  • Experience gathering requirements to Guide / recommend the right integration pattern for applications needing services, taking into consideration the impact to the environment and standards currently set in.

Auto Req. ID784038BR
Employment CategoryDigital & Information Technology
Job LevelIndividual Contributor
Location Number940040-105-IDAM
Address7601 Penn Avenue South


Clicking on the following button will update the content below