Principal Identity & Access Management Engineer

United States of America, California, South San Francisco

de fr es ru tr it pt zh ja

Principal Identity & Access Management Engineer

Job Summary:

You are a multi-disciplinary, technology-agnostic and broadly skilled Infrastructure Engineer who enjoys and thrives in solving unusually complex business problems through practical and ingenious application of technologies.

Our Principal Engineers have a broad view of how the different solutions in and beyond their solution area work together and may need to be adapted as driven by business demands. They have in-depth knowledge in multiple business areas of Roche beyond IT infrastructure and understand in great detail how IT infrastructure impacts Roche business processes. They work on the most demanding and challenging projects which require technical and thought leadership in their areas of responsibility. They are accountable and responsible for the ultimate decision-making in technical design and delivery in the context of the projects/activities they work on, while exercising considerable independent judgement and discretion. They have the required skills, experience and vision to be able to influence technology vendors and are acknowledged as amongst the best in the industry in their sphere of responsibilities and areas of expertise.

They often exercise applied innovation to develop and integrate advanced technological ideas/concepts and see them through to an implemented and viable final product. They thrive in ambiguous circumstances and can help guide other less experienced peers, as needed.

Job Responsibilities:

  • To lead and contribute to the end-to-end design of infrastructure solutions and the creation and maintenance of related component standards 
  • To serve as consultant to senior management and internal/external stakeholders for the organization on matters pertaining to its policies, plans, objectives and delivery in the infrastructure area of responsibility
  • To follow industry and technology advancements closely, in order to determine success criteria for their evaluation and evaluate promising solutions/technologies (Proof-of-Concepts) across their entire infrastructure solution area and where applicable, beyond their infrastructure solution area that have an enterprise impact and their feasibility in meeting Roche’s business needs
  • To elicit, challenge, analyze, communicate and validate requirements for changes to business processes, policies and information systems 
  • To understand business problems and opportunities in the context of the requirements and recommends solutions that enable the organization to achieve its long-term objectives
  • To architect (as solution architect), design, build, test and implement (first-time deployments) integrated, resilient and reliable solutions across the entire infrastructure solution area, and where applicable, beyond their infrastructure solution area
  • To ensure that designs and solutions in the infrastructure solution area align and adhere to the organization’s Technical Architecture Framework (TAF) policies, standards and direction and map the Technology Roadmaps into Portfolio projects/activities
  • To lead the efforts to estimate Engineering resources and timelines to deliver projects/activities successfully
  • To remain proactive and aware of operational challenges and opportunities and work with support team staff to resolve incidents and major incidents
  • To ensure solutions and components implemented comply with Quality/Regulatory standards, as applicable

Job Requirements/Qualifications:

  • Bachelor’s Degree in Information Systems, Engineering, Computer Science or related field and/or required.
  • 12+ Years of relevant work experience in a global organization
  • 5+ year’s experience working in one or more multinational work environment (Healthcare Industry experience a plus) as a Principal-level Solution Architect and/or Technical Lead

Required Proven Technology Expertise in the following areas

  • Hands-on designing and deploying Identity & Access provisioning solutions (SailPoint) and Directory Services (AD, Virtual Directories, AD to UNIX) for both Enterprise/Internal and Consumer/External identities.
  • Cloud native (AWS, Azure, GCP),on-prem and hybrid IAM environments, and experience in application migration activities between those.
  • Hands-on designing and implementing IDaaS, Web Access Management
  • Federation and Multi-Factor Authentication solutions
  • Hands-on RBAC and ABAC design and implementation Privileged Account Management technologies and principals

  • Web Application programming and Java, J2EE, JMS, XML experience is a plus
  • Multiple Industry certifications for the infrastructure solution area desired

  • Ability to deliver strategically, navigate through ambiguity, and perform independently without supervision
  • Outstanding problem solving and decision-making skills
  • Strong and consistent interpersonal skills
  • Consistently demonstrated customer and delivery focus  
  • Outstanding customer engagement and presentation skills with the ability to communicate across all levels (senior and/or large audiences).
  • Ability to work effectively with team members and virtual teams from different locations and different cultural backgrounds
  • Excellent written and communication.  Ability to speak German, Spanish and/or Chinese (Mandarin) are significant plus.
  • Proven project and time management skills
  • Extensive travel required and ability to work across multiple time zones required including on-call and off-hours