IAM ENGINGEER II - México

If you’re passionate about building a better future for individuals, communities, and our country—and you’re committed to working hard to play your part in building that future—consider WGU as the next step in your career.

Driven by a mission to expand access to higher education through online, competency-based degree programs, WGU is also committed to being a great place to work for a diverse workforce of student-focused professionals. The university has pioneered a new way to learn in the 21st century, one that has received praise from academic, industry, government, and media leaders. Whatever your role, working for WGU gives you a part to play in helping students graduate, creating a better tomorrow for themselves and their families.

The current information security landscape is technically complex and constantly changing. The IAM ENGINGEER II uses their knowledge of current security methods and standards to gather operational information and assess and analyze tools, systems, and processes in defense of applications, systems, and networks, and collaborate with the Infrastructure and business teams. This position will focus on the IAM functions of Security.

• Develop, implement, and maintain identity and access management solutions and systems.
• Troubleshoot, identify, and resolve technical issues related to identity and access management.
• Enhance identity and access management solutions and systems to protect against evolving threats and improve efficiency.
• Stay up-to-date on current IAM threats and industry solutions.
• Provides expertise in two or more domains of information security.
• Implements SSO via OAuth 2.0, OIDC, and SAML.
• Implements RBAC for identity provisioning, creating and updating joiner, mover, and leaver processes.
• Brings advanced knowledge and specialization to the work. May provide mentoring, training, and work assignments for less experienced security analysts.
• Collaborates with architects, risk professionals, and other information security specialists to operate, build, and integrate detective, preventive, and corrective tools and procedures.
• Implements tools, processes, and communications that support information security initiatives.
• Participates in the development and refinement of Information Security programs.
• Develops and maintains documentation for security systems and procedures.
• Participates in evaluating, selecting, testing, and implementing security-focused products and services.
• Leads or participates in tactical projects as they arise to clarify and respond to identified security risks across various technical domains.
• Provides seasoned knowledge in security services and operations.
• Operates Information security tools and processes.
• Executes established security practices with consistency and discipline.
• Collaborates with analysts in other groups to implement standardized practices and follow routine processes to promote secure systems.
• Investigates and corrects new or unusual security configurations and implementations as identified by intelligence, analysts, or monitoring.
• Operates, observes, and analyzes security practices.
• Participates in Correction of Errors (CoE), often with members of other teams.
• Incrementally improves practices where appropriate and collaborates in identifying and formulating new practices where possible.
• Processes service request tickets efficiently and reliably.
• Performs other job-related duties as assigned.

• Knowledge of NIST, ISO, and PCI-DSS standards as well as FERPA, GLBA, GDPR, HIPAA, FTC regulations. Contributes to developing assessment plans, building on the methodologies promoted by these standards and regulations to quantify risk.
• Understanding of core AWS services, including compute (EC2, ECS, Lambda), network (VPC, Subnets, Security Groups), storage (S3, EFS, EBS), database (RDS), and identity (IAM)
• Understanding of integrating security into the various stages of a CI/CD pipeline.
• Understanding of cloud security engineering principles as applied in support of, and integration with, key business and strategic priorities.
• Working knowledge of intrusion detection methodologies and techniques for detecting intrusions via intrusion detection technologies.
• Ability to tune sensors, read, and interpret signatures.
• Great oral and written communication skills with the ability to communicate with purpose, clarity, and accuracy.
• Familiarity with network architectures, network services & devices, system types, development platforms, and software suites (Microsoft, Cisco, Oracle, Linux, etc.)
• Excellent analytical, problem-solving, and decision-making skills.
• Ability to take a solution-driven approach to problem-solving.
• Working knowledge of securing and administering network devices and operating systems.
• Strong understanding of PCI, SOX, GLBA, PII, and FERPA requirements.
• Subject matter expert in the area of responsibility or working knowledge of several technical areas.
• Methodical, data-driven approach to security and risk analysis; ability to think imaginatively in order to assist in implementing security improvements.
• Understanding of the implications of privacy laws and regulations (i.e., GDPR and CCPA).
• Strong understanding of SIEM content security rules to detect malicious, suspicious, and/or abnormal events.
• Understanding of cloud resources using infrastructure-as-code (CloudFormation, CDK, etc.)
• Understanding of the Development of Security Content and Use Case Development. Alerting aligns with the MITRE ATT&CK Framework.

• Bachelor's Degree in IT Security, Computer Science, Engineering, or related field.
• 3 years of IAM experience.
• Experience using Microsoft Entra ID, PingIdentity Suite, or Sailpoint IIQ.
• Experience in analyzing SIEM, network, event, security, and IDS alert logs.
• Experience with security industry standards and best practices, specifically with interpreting and implementing those standards in a corporate environment.
• Scripting language experience (Bash, Python, Powershell, etc.) with a strong working knowledge of automation.
• Experience working with compliance and regulatory program requirements.
• Experience designing and deploying security solutions.
• Equivalent relevant experience performing the essential functions of this job may substitute for education degree requirements. Generally, equivalent relevant experience is defined as 1 year of experience for 1 year of education, and is at the discretion of the hiring manager.

• 3+ years of Information Security experience.
• Experience migrating IAM providers to Microsoft Entra ID.
• Experience in the development of end-user operating manuals and documentation.
• Familiarity with Cloud infrastructure.
• Relevant security certifications (CISSP, GIAC, ISACA, CCSP, CCSK, AWS, etc.).

Job Description Disclaimer: This position description provides the major duties/responsibilities, requirements, and working conditions for the position. It is intended to be an accurate reflection of the current position; however, management reserves the right to revise or change as necessary to meet organizational needs. Other responsibilities may be assigned when circumstances require.

• Prolonged periods of sitting at a desk and working on a computer.
• Must be able to lift up to 15 pounds at times.

As an equal opportunity employer, we recognize that our strength lies in our people and are committed to creating an inclusive environment where all can thrive, regardless of race, age, gender, sexual orientation, religion, or disability.

#LI-AQ1

This role includes participation in a rotating on-call schedule shared among team members to ensure support coverage outside regular hours. Rotation may be required depending on team needs. We value the “you build it, you own it” principle — on-call participation reflects our commitment to ownership, accountability, and reliability.

Learn more about our WGU Mexico Team by clicking here.