This position is responsible for the management and governance of the digital member identities and the authentication channel. The role of the Digital Identity Administrator is to act as the SME for the member-facing digital authentication channel (IDp) and the risk engines within it. The Digital Identity Administrator will drive implementations of new technology to the authentication channel as well as maintain and enforce the governance and lifecycle of the identities. The Digital Identity Administrator will work with other departments to document in depth details and complete projects or initiatives that involve the authentication channel and ensure that National Institute of Standards and Technology (NIST) and applicable data privacy regulations are followed when necessary.
1. AUTHENTICATION CHANNEL DESIGN AND MANAGEMENT
1. Acts as subject matter expert for the authentication channel by working closely with IT Operations and the third-party developer to understand all processes and flows taken during an authentication attempt.
2. Designs functional and user-friendly changes to the authentication flow as needed.
3. Understands authentication and authorization protocols such as Federation, OAuth 2.0, OpenID connect, multi-factor authentication, and WebAuthn.
4. Works to incorporate use of hardware authenticators and TOTP applications into authentication process as well as a verification process for transactions behind initial authentication.
5. Awareness and understanding of changing data privacy rules and regulations.
6. Ensures the use of cutting-edge technology during authentication and risk decisioning by completing industry research and frequent education.
7. Documents all processes and flows taken during authentications at the network and web service levels. This requires a high to medium level of understanding of how data is passed between platforms and host systems.
8. Reviews pertinent logs for issues arising in the authentication channel.
9. Reviews risk-engine(s) performance.
10. Assists Digital Operations and Digital Support in providing relevant information about changes to be relayed to membership or staff.
11. Guides Digital Operations in creating statistical reports on authentication related activity by writing searches using SPL or Boolean logic in systems such as Splunk or Tableau.
12. Identifies ways the digital identity can be used organization wide to better deliver members quality services.
13. Willing to work all hours, typically on-call for incidents that interrupt member service.
2. DIGITAL MEMBER IDENTITY GOVERNANCE AND ADMINISTRATION
1. Establish and maintain governance of user provisioning and deprovisioning for member digital identities.
2. Reviews access for digital member identities (user, sub users, etc..) to ensure that correct access is being maintained.
3. Works to ensure automated processes are in place to handle deprovisioning where possible.
4. Reviews logs and user datasets to ensure that identities are being associated with accounts as expected.
5. Coordinate with Digital Identity Analytics and Intelligence Analyst to ensure that risk measures being enforced meet the needs for the level of access provided to the digital member identity.
3. ENVIRONMENT AND PRODUCT STABILITY
1. Assists in responding to downtime or degraded service of the authentication channel.
2. Tracks downtime/uptime service of authentication channel.
3. Determines root cause of outages and provides analysis as necessary.
4. Helps manage the integrity of the authentication channel by collaborating closely with IT Operations and analyzing logs from applicable servers.
5. Ensures any changes being applied to the environments are tested properly by Digital Testing and that proper channels were followed to release code to production.
6. Track the change control of releases that impact the authentication channel or risk engines within the channel.
7. Establish deployment and rollback plans for changes made.
8. Verifies that all services within the authentication channel are being upgraded or updated in a timely manner.
9. Works closely with Security Operations to ensure any vulnerabilities are managed quickly.
4. ORGANIZATION AND PROJECT COORDINATION
1. Organizes all day-to-day research, changes, suggestions for the authentication platform in a concise and efficient manner.
2. Coordinates with Digital Project team as a resource to deliver on projects that utilize the secure authentication channel or the digital member identity.
3. Position will be required to assist with any documentation as it relates to upcoming changes to the authentication channel at the request of the assigned project manager.
4. Position will require critical thinking, providing options and recommendations as it relates to projects utilizing the authentication channel or the digital member identity.
5. Perform risk mitigation as it relates to projects requiring use of the authentication channel or the digital member identity.
5. RELATED DUTIES AS REQUIRED OR ASSIGNED
1. Completes any special project or assignment as assigned.
Training/Education/Certification:
• Bachelor’s degree or master’s degree in IT, Business, Economics, Finance, or another related field.
• Working ability with standards such as FIDO, Oauth2.0, WSFed, OpenID Connect, multi-factor authentication, and WebAuthn.
Required Knowledge:
• Data analysis and interpretation
• Understanding of digital banking platforms (e.g., mobile banking, online banking, digital payments, authentication channels, risk engines)
• Understanding of hardware authenticators and TOTP applications
• Knowledge of liability and regulation pertaining to privacy and management of identity assets
• Understanding of PCI compliance
• Understanding of basic software interactions
• Knowledge of CI/CD processes
• Understanding of information security and risk management challenges such as issue mitigation and remediation
• Knowledge and understanding of NIST guidelines
Experience Required:
• At least 5-year digital industry experience (e.g., mobile banking, online banking, payments)
• At least 5-year identity industry experience (e.g., IAM, CIAM)
• Experience with authentication and authorization standards such as FIDO, Oauth2.0, WSFed, OpenID Connect, multi-factor authentication, and WebAuthn
• Experience interacting with business and technology leadership teams
• Workflow documentation inside Visio, Lucid Chart or similar
• Experience with SmartSheet, Confluence or similar
• Experience with Splunk and SPL
• Experience with Boolean logic
• Experience delivering changes and improvements to complex processes
Skills/Abilities:
• Self-starter that takes initiative
• Strategic thinker
• Strong communication skills
• Proven delivery track record in a complex environment
• Passion for creating desirable paths for member engagement
• Boolean logic
• Data analysis and analytical abilities
• Translate data into actionable intelligence
• Project management
• Excellent written and oral communication skills
• Attention to detail
• Time management skills
• Adaptability, flexibility
• Problem-solving skills
• Ability to work in a matrix style organization
• Ability to collaborate and facilitate across multiple groups with conflicting perspectives and or priorities
• Must be able to work flexible hours
• Well organized
• Able to document complex processes
• Able to operate a PC, 10-key, phones, and data management software
Software Powered by iCIMS
www.icims.com