Engineer - Access & Identity Management, Associate
Locations: Atlanta, Georgia
Overview of Technology roles
At BlackRock, technology has always been at the core of what we do – and today, our technologists continue to shape the future of the industry with their innovative work. We are not only curious but also collaborative and eager to embrace experimentation as a means to solve complex challenges. Here you’ll find an environment that promotes working across teams, businesses, regions and specialties – and a firm committed to supporting your growth as a technologist through curated learning opportunities, tech-specific career paths, and access to experts and leaders around the world.
Job description
About this role
The Access and Identity Management team sits in the Global Information Security group, whose mission is to evaluate, establish, and maintain information security controls that protect the company’s information and computer systems.
The Cloud Identity & Access Management (IAM) Cloud Associate role is a technical position that supports IAM functions in Microsoft Azure and AWS environments. This includes creating and granting access for new users and non-human accounts, and crafting and maintaining roles, permissions and entitlements for various businesses and departments at BlackRock. In addition to user access management activities, the role requires proactive governance of all cloud environments, including reviewing stale access, handling secret rotations and reducing over-privileged access.
Primary Duties & Responsibilities:
- Drive continuous improvement within the Cloud IAM security architecture by introducing and implementing emerging security technologies and best practices.
- Collaborate effectively with business and IT teams to analyze and define IAM requirements.
- Liaise with Information Security, Engineering, and business functions to deliver the target technology environment.
- Create and enhance automation scripts and CI/CD pipelines to implement IAM roles, SPNs, and other IaC configurations in Azure, AWS, and GCP public cloud environments.
- Use automation tools such as CI/CD pipelines, Azure DevOps, Terraform, and Python scripts for IAM infrastructure setup and capability deployment.
- Identify gaps and recommend solutions to enhance operational efficiencies across IAM processes.
- Manage user and non-human access through Azure RBAC role assignments via Privileged Identity Management (PIM).
- Ensure a comprehensive understanding of onboarding enterprise applications.
- Handle IAM users, policies, and roles in AWS.
Required Qualifications:
- Bachelor's degree in Cyber Security, Computer Science, Information Systems or equivalent work experience in the IT field, with at least a portion of that time in a security-related position.
- Minimum of 5+ years of proven experience in Access and Identity Management.
- 2-4 years of extensive experience working with IAM within Microsoft Azure and Amazon Web Services (AWS) environments.
- Hands-on experience with creating, modifying, and maintaining user access via Privileged Identity Management (PIM) in Microsoft Azure.
- Proficient in assigning entitlements to roles and groups using Role-Based Access Control (RBAC).
- Experience with application registrations and granting required permissions to non-human accounts in the cloud.
- Skilled in maintaining access to management groups, subscriptions, resources, and enterprise applications.
- Strong understanding of using the AWS CLI, IAM users, policies, roles, Terraform to deploy resources, and permission boundaries to address complex access requests within AWS.
- Demonstrated knowledge of role-based access provisioning, establishing team-based roles, and assigning entitlements.
- Proficiency in PowerShell and Python scripting for task automation and efficiency.
- Solid grasp of cloud security governance practices and IAM policy/document preparation.
- Experience working in a highly regulated and audited Information Security environment.
- Knowledge of IAM activities in Google Cloud Platform (GCP) is a plus.
Personal Attributes:
- Ability to train other team members on Cloud IAM topics.
- Excellent customer service and communication (oral/written) skills with technical and non-technical audiences.
- Strong critical thinking and analytical skills with the ability to think “out of the box.”
- Good teammate and consensus-forming individual.
- Integrity and the highest ethical standards.
- Self-starter with a personal aim to achieve superior performance.
- Natural curiosity and a desire to always learn.
Our benefits
To help you stay energized, engaged and inspired, we offer a wide range of benefits including a strong retirement plan, tuition reimbursement, comprehensive healthcare, support for working parents and Flexible Time Off (FTO) so you can relax, recharge and be there for the people you care about.
Our hybrid work model
BlackRock’s hybrid work model is designed to enable a culture of collaboration and apprenticeship that enriches the experience of our employees, while supporting flexibility for all. Employees are currently required to work at least 4 days in the office per week, with the flexibility to work from home 1 day a week. Some business groups may require more time in the office due to their roles and responsibilities. We remain focused on increasing the impactful moments that arise when we work together in person – aligned with our commitment to performance and innovation. As a new joiner, you can count on this hybrid model to accelerate your learning and onboarding experience here at BlackRock.
About BlackRock
At BlackRock, we are all connected by one mission: to help more and more people experience financial well-being. Our clients, and the people they serve, are saving for retirement, paying for their children’s educations, buying homes and starting businesses. Their investments also help to strengthen the global economy: support businesses small and large; finance infrastructure projects that connect and power cities; and facilitate innovations that drive progress.
This mission would not be possible without our smartest investment – the one we make in our employees. It’s why we’re dedicated to creating an environment where our colleagues feel welcomed, valued and supported with networks, benefits and development opportunities to help them thrive.
For additional information on BlackRock, please visit @blackrock | Twitter: @blackrock | LinkedIn: www.linkedin.com/company/blackrock
BlackRock is proud to be an Equal Opportunity and Affirmative Action Employer. We evaluate qualified applicants without regard to race, color, national origin, religion, sex, sexual orientation, gender identity, disability, protected veteran status, and other statuses protected by law.
BlackRock will consider for employment qualified applicants with arrest or conviction records in a manner consistent with the requirements of the law, including any applicable fair chance law.
R240946
BlackRock Principles
We look to hire people that will embody our BlackRock Principles:
- We are a fiduciary to our clients. This is the bedrock of our identity; it reflects our integrity and the unbiased advice we give our clients.
- We are One BlackRock. We work collaboratively to create the best outcomes for our clients, our firm and the communities where we operate.
- We are passionate about performance. We are relentless in innovating and finding better ways to serve our clients and improve our firm.
- We take emotional ownership. We have a deep sense of responsibility to our clients and to each other.
- We are committed to a better future. We are long-term thinkers, focused on helping people build a better tomorrow.
Career path
We recognize that our technologists benefit from a tailored approach to navigating and advancing their careers in the ways they envision. Our tech career paths are specifically built to support vertical and horizontal trajectories – including Enterprise Leadership (team manager) and Tech Leadership (individual contributor) ‘tracks’ as well as various other career moves.
- Engineer I (Analyst)
- Engineer II/III (Associate)
- Senior Engineer I/II (Vice President)
- Tech Leadership track: Lead Engineer (Vice President); Principal/Sr. Principal Engineer (Director); Managing Director
- Enterprise Leadership track: Engineering Team Manager (Vice President); Engineering Team Director/Sr. Engineering Team Director; Managing Director
Benefits
We care about your overall well-being and design our benefits package to support you in various aspects of your life.
- Financial well-being: We offer resources designed to help you build a sound financial future for you and your family, like retirement savings plans and tuition reimbursement.
- Pay for performance: Our pay-for-performance philosophy includes a base salary and a discretionary annual bonus.
- Physical well-being: Our healthcare plans and resources help you focus on your physical health, so you and your family can feel your best.
- Emotional well-being: We support our people's mental health and emotional well-being by providing access to an Employee Assistance Program and a network of Mental Health Ambassadors.
- Life management: You'll be able to focus on moments that are important to you with benefits designed to support life in and outside of work with Flexible Time Off, parental leave and more.