Apply on Employer Site

Ecolab · 3 hours ago

Principal Identity Engineer

Naperville, IL

Full-time

Hybrid

Senior Level, Lead/Staff

$154K/yr - $231K/yr

10+ years exp

Ecolab is seeking a highly skilled Principal Identity Engineer to lead their identity management strategy in a complex hybrid environment. The role involves overseeing the architecture, implementation, and training for critical systems, ensuring seamless integration of identity solutions, and providing technical leadership to the team.

Cleaning ProductsEnergyFood and BeverageInformation TechnologyRenewable Energy

No H1B

Responsibilities

Assist with identity technical solution design across Identity Access Management Platforms

Lead the design and implementation of enterprise-grade Identity Management solutions, including BeyondTrust, Active Directory (AD), Entra ID, and Certificate Management

Develop scalable architectures for hybrid environments that integrate on-premises and cloud-based systems

Evolve and optimize a hybrid environment combining managed and exchange services across domains

Ensure seamless integration of identity solutions with existing infrastructure, including Entra ID and other third-party platforms

Provide technical leadership and mentorship to engineers within the team

Oversee and provide recommendations of identity management tools, including monitoring, troubleshooting, and performance optimization

Playing a key role in developing standards for the identity team in relation to implementation, maintenance, and support while additionally participating in our team’s on-call rotation

Optimize a hybrid environment combining managed and exchange services across domains

Lead the design and implementation of robust identity management solutions that integrate seamlessly across on-premises and cloud environments. Ensuring a stable and secure environment that is evaluated across aligned to KPIs

Lead lifecycle management and governance processes ensuring compliance with regulatory standards

Integrate identity systems with SIEM for proactive threat detection and response

Drive adoption of modern authentication methods such as FIDO2 and passwordless technologies

Establish KPIs for identity security posture and operational efficiency

Lead and own the BeyondTrust platform ensuring secure access for servers, admin users, and supply chain isolated networks

Design a cloud first architecture and train core members in Microsoft Entra ID for managing user identities, still ensuring alignment with AD on-premises systems

Design and manage public key infrastructure (PKI), including both internal ADCS and external Certificate Authorities like Sectigo, to ensure secure communication channels and compliance with security standards

Collaborate with Security Architecture, Infrastructure and Cloud delivery teams to achieve business objectives

Partner with Enterprise Architecture and business teams to achieve strategic outcomes for Digital Initiatives

Qualification

Identity Management SolutionsBeyondTrustMicrosoft Entra IDActive DirectoryCertificate ManagementIdentity GovernanceThreat DetectionAgile MethodologiesScripting TechnologiesSQL Query AnalysisCommunication SkillsProblem-Solving SkillsInterpersonal SkillsAttention to Detail

Required

Bachelor's degree and 10 years of relevant experience in Identity Field similar roles

8 years of experience with BeyondTrust, or, Active Directory (AD) and Microsoft Entra ID (formerly Azure or external Certificate Authorities such as Sectigo, internal Certificate Authority (Active Directory Certificate Services - ADCS)

Strong understanding of Identity principles including but not limited to SCIM, OIDC SAML, least privilege, Kerberos, certificate-based auth

Excellent analytical skills, with the ability to use data and data analytics tools to drive decisions

3 years' experience with Agile methodologies and tools such as ADO or GitHub

Ability to think strategically while managing day-to-day product details

Strong communication, and interpersonal skills – the ability to collaborate and deliver effectively with diverse teams

Expert in EntraID integration and Microsoft 365 identity management solutions

Knowledge of scripting or automation technologies such as PowerShell, Terraform, REST, JSON for automating identity-related tasks

Experience performing SQL, EQL query analysis to build a case for a new process or to take action based on the data

Excellent problem-solving skills and attention to detail

Ability to adapt to changing priorities and manage multiple tasks effectively

Immigration sponsorship and relocation are not available for this position

Preferred

Previous experience in building and architecting using infrastructure as code with terraform

Desire to be in a fast-moving, agile environment with willingness to adjust quickly

Certifications such as CISSP, CISA, or relevant Microsoft, BeyondTrust certifications in Identity & Access

Experience architecting and designing multi-cloud identity platforms

Project management experience

Experience in CIAM(Customer Identity and Access Management)

Experience in Protocols & APIs: Deep understanding of federation protocols (SAML, OAuth2.0, OIDC), SCIM, and RESTful APIs

Security Frameworks: Solid foundation in Zero Trust architecture and contemporary security standards

Benefits

Comprehensive and market-competitive benefits to meet the needs of our associates and their families

Company

Ecolab

Glassdoor3.7

Ecolab provides water, hygiene and infection prevention solutions and services that protect people and the resources vital to life. It is a sub-organization of Ecolab Life Sciences.

Founded in 1923

Beaver Creek, Minnesota, USA

10001+ employees