Sr. IAM Engineer Lead

  • Company: New York Life
  • Location: San Diego, California
  • Posted: August 24, 2017
  • Reference ID: 55726-en_US

New York Life Insurance Company (“New York Life” or “the company”) is the largest mutual life insurance company in the United States*. Founded in 1845, New York Life is headquartered in New York City, maintains offices in all fifty states, and owns Seguros Monterrey New York Life in Mexico.


New York Life is one of the most financially strong and highly capitalized insurers in the business. The company reported 2016 operating earnings of $1.954 billion. Total assets under management at year end 2016, with affiliates, totaled $538 billion.  As of year-end 2016, New York Life’s surplus was $23.336 billion**.  New York Life holds the highest possible financial strength ratings currently awarded to any life insurer from all four of the major ratings agencies: A.M. Best, A++; Fitch AAA; Moody’s Aaa; Standard & Poor’s AA+. (Source: Individual Third Party Ratings Report as of 8/17/16).


Financial strength, integrity and humanity—the values upon which New York Life was founded—have guided the company’s decisions and actions for over 170 years.


General Profile


The Sr. IAM Developer is responsible for helping drive the daily activities, whether structured as an initiative/program or as business-as-usual engineering operations, for the company’s identity and access service function. This role requires extensive background and experience in IAM strategy, architecture and software development/engineering, as well as an ability to ensure appropriate visibility, communication, and governance across key business partners and stakeholders. The role will require working across organizational boundaries to produce useful domain models and working repositories that help to efficiently manage Identity Management and Access Management complexities across the different stakeholders and user communities.


  • Recognized as an expert within the company for Identity & Access Management Services & Platforms
  • Influences the strategy to address internal or external business and regulatory issues
  • Proactively identifies and solves the most complex problems that impact the management and direction of the business
  • Contributes to the development of functional strategy
  • May lead multidisciplinary projects, processes or vendor management


Essential Job Functions


  • Lead the requirements, design, development, testing and implementation of scalable IAM solutions that meet business requirements, policies, and IS standards.
  • Maintain and enhance SailPoint IIQ and Security IQ and related integrated IAM services, processes & controls
  • Architect and design solutions that integrate with new or existing IAM platforms including provisioning, de-provisioning and integration of applications for authentication
  • Develop and deploy new connectors and robotics automation for business and technology applications 
  • Develop and deploy new applications within SailPoint Identity IQ for automated and semi-automated provisioning, including related SoD, custom provisioning forms/work items
  • Design, develop and maintain base account provisioning and password sync (Password interceptor & Desktop Reset) related workflows within SailPoint Identity IQ
  • Maintain alignment of IAM vision with Information Security objectives and business requirements
  • Establish a continual service improvement plan and improve overall IAM service, focusing on operational, process and resource efficiency
  • Establish and provide metrics that provide visibility into performance and efficiency of the IAM effort
  • Assist with developing and maintaining process and control documentation supporting IAM services
  • Engineer, deploy, and maintain new data subsystems used in Identity Management and Access Management ecosystems, i.e. audit log repository and reporting, IAM Data Analytics capability that spans our multiple warehouses and repositories, ETL plant for effective and efficient data manipulation in and out of Identity Management and Access Management (IAM) context as well as between our own systems, and the seamless migration off and decommission of legacy repositories.
  • Design, engineer and support a database to host Identity Management and Access Management (IAM) Reference Data required to support our Identity Management and Access Management business processes. This may be enhancements or an aggregation of existing repositories, EMP and EPR.
  • This effort will require overcoming the existing fragmentation of the IAM domain to create models that are accepted and embraced by constituents in different parts of the Firm. The role will require working across organizational boundaries, within the Identity Management and Access Management (IAM) team and across Information Technology & Enterprise Data, to produce useful conceptual domain models and working repositories that help to efficiently manage Identity Management and Access Management complexities across the different stakeholders and user communities.
  • Consults businesses and evaluates functional requirements. Translates these requirements into information security solutions. Provides guidance to business partners about applicability of information security to meet business needs.
  • Supports the documentation and accreditation processes necessary to assure that new IT systems meet the organization’s information security requirements.
  • Responds to crisis or urgent situations to mitigate immediate and potential threats. Investigates and analyzes all relevant response activities.
  • Ensures that IS security architecture, designs, plans, controls, processes are aligned with IS strategy and standards.
  • Represent Information Security in cross-functional meetings and projects.
  • Perform other duties and/or special projects as assigned


Core Technical Requirements


  • 7+ years of experience managing projects through the full system development lifecycle
  • 7+ years of experience in information technology, with a focus on information security in one or more of the following areas:  IAM, cyber threats, security operations, data loss prevention, threat intelligence, security architecture, policy/governance
  • 7+ years of strong development / architecture experience in a hands-on role
  • 7+ years of experience with one or more directories such as CA Directory, Oracle Directory, AD, Ping, or IBM Directory Server
  • 7+ years of experience with: major operating systems such as Microsoft Windows and Unix; mainframe security packages such as TopSecret, ACF2 and RACF; and/or leading packaged application solutions for ERP systems, Active Directory, Exchange, CRM systems or portals
  • 7+ years of experience with federated identity and web services security concepts such as SAML, Liberty ID-FF and ID-WSF, WS-Federation, OpenID, OAuth and WS-Security
  • 7+ years of experience with development tools such as Eclipse, JDeveloper, Visual Studio and SQL Developer
  • 7+ years of hands-on experience with Active Directory, SSO, LDAP, web services and/or Java/JSPs
  • 5+ years of experience in deploying SailPoint IIQ and Security IQ, including full development of workflows, provisioning forms, custom forms, base account provisioning, password management, reports, access certifications, out-of-the-box connectors, custom connectors
  • Familiarity with requirements gathering and deploying RPA tools with SailPoint Identity IQ or equivalent IAG solution
  • 5+ years of experience in maintaining SailPoint IIQ and Security IQ and related processes & controls
  • 5+ years of experience with role mining and role based access control with SailPoint IIQ
  • 5+ years of experience with one or more databases such as Oracle, IBM and MS SQL
  • 5+ years of experience with at least one of the following development environments/languages: J2EE, Java, C/C++, .NET, C# or PL/SQL
  • 5+ years of Windows, Linux and Solaris Operating Systems knowledge
  • 5+ years of experience with Oracle Weblogic, JBOSS, Tomcat, Apache or IBM WebSphere
  • Working knowledge of virtual directories such as Oracle Virtual Directory, Radiant Logic and OctetString




  • Bachelor’s degree in Computer Science, Information Systems or equivalent related field preferred, with a minimum of 5 years of experience in Information Technology OR in lieu of the Bachelor’s degree, a minimum of 9 years of experience in Information Technology
  • Master’s degree in Computer Science, Information Systems preferred
  • CISSP, J2EE or equivalent a plus







*Based on revenue as reported by “Fortune 500, ranked within Industries, Insurance: Life, Health (Mutual),” Fortune Magazine, June 17, 2016.  See  for methodology.

**Total surplus, which includes the Asset Valuation Reserve, is one of the key indicators of the company’s long-term financial strength and stability and is presented on a consolidated basis of the company.


1. Operating earnings is the key measure used by management to track the Company’s profitability from ongoing operations and the underlying profitability of the business. This indicator is based on generally accepted accounting principles in the US (GAAP), with certain adjustments the Company believes to be appropriate as a measurement approach (non-GAAP), primarily the removal of gains or losses on investments and related adjustments.


2. Assets under management represent Consolidated Domestic and International insurance Company Statutory assets (cash and invested assets and separate account assets) and third party assets principally managed by New York Life Investment Management Holdings LLC, a wholly owned subsidiary of New York Life Insurance Company.
