SMBC Group is a top-tier global financial group. Headquartered in Tokyo and with a 400-year history, SMBC Group offers a diverse range of financial services, including banking, leasing, securities, credit cards, and consumer finance. The Group has more than 130 offices and 80,000 employees worldwide in nearly 40 countries. Sumitomo Mitsui Financial Group, Inc. (SMFG) is the holding company of SMBC Group, which is one of the three largest banking groups in Japan. SMFG’s shares trade on the Tokyo, Nagoya, and New York (NYSE: SMFG) stock exchanges.

In the Americas, SMBC Group has a presence in the US, Canada, Mexico, Brazil, Chile, Colombia, and Peru. Backed by the capital strength of SMBC Group and the value of its relationships in Asia, the Group offers a range of commercial and investment banking services to its corporate, institutional, and municipal clients. It connects a diverse client base to local markets and the organization’s extensive global network. The Group’s operating companies in the Americas include Sumitomo Mitsui Banking Corp. (SMBC), SMBC Nikko Securities America, Inc., SMBC Capital Markets, Inc., SMBC Rail Services LLC, Manufacturers Bank, JRI America, Inc., SMBC Leasing and Finance, Inc., Banco Sumitomo Mitsui Brasileiro S.A., and Sumitomo Mitsui Finance and Leasing Co., Ltd.

The anticipated salary range for this role is between $158,000.00 and $196,000.00. The specific salary offered to an applicant will be based on their individual qualifications, experiences, and an analysis of the current compensation paid in their geography and the market for similar roles at the time of hire. The role may also be eligible for an annual discretionary incentive award. In addition to cash compensation, SMBC offers a competitive portfolio of benefits to its employees.

Role Description

The Identity and Access Management (IAM) Engineer will be part of the IAM Architectural and Engineering Solutions and Innovations function within SMBC. The IAM Engineer will work with the Group Companies to provide elegant solutions which transcend legacy and modern applications. The developed solutions will adhere to the core principles of Zero-Trust, Just-In-Time and Just-Enough-Access but balance it with a frictionless experience for end users and applications. The ideal candidate must be a good technologist and have experience with a wide range of Operating Systems, Applications, IAM Products.

Role Objectives

• Collaborate with the group companies to understand, document, and solve IAM problems using off-the shelf products or architect new tools (webservices, reporting and monitoring)

• Modernize legacy application IAM, to a more cloud centric approach.

• Provide sustainable and future compatible IAM solutions to legacy applications

• Handle multiple requirements and projects

• Understand IAM products, protocols and be a Subject Matter Expert for anything IAM

• Ensure that each solution is documented and operationalize the solution for long term sustainability

• Automate IAM Processes

• Champion the developed IAM solutions and ensure compliance with all applicable SMBC policies

• Willing to learn and work in the following areas (subject to change)

• Non-Human Identities

• Microsoft Fabric

• API Security (Authentication and Authorization)

• Modern Authentication Protocols

• Automation (Terraform, Ansible etc)

Qualifications and Skills

• Authentication, Authorization and Access Management flows

• SAML, Openid, Oauth

• Experience with PowerBI, SQL a plus

• Kowledge of Microsoft Fabric a plus

• Experience in Powershell and working knowledge of any one High Level Language like Python, Java, C#/Dot Net

• Knowledge of HTML, Javascript, HTTP, Kerberos, PKI, JSON, JWT, Webservices, LDAP V3

• Knowledge of Web Application Tech Stack (browsers, web servers, application servers, databases)

• Knowledge of IAM and security principles like Federation, RBAC, PBAC, MFA, encryption, PKI

• Hands-on with Diagramming tools like Visio or Lucidchart

• Hands-on with Azure and Microsoft Identity Products. Specifically Azure Active Directory, Azure Conditional Access, Azure Identity Governance, Azure Enterprise Applications, Microsoft Active Directory, Microsoft Identity Manager will be a plus

• Privileged Identity and Secret management (Cyberark, Hashicorp Vault etc.)

• Implementation experience of MFA, step-up authentication, UEBA, Risk Based authentication products

• Familiarity with DevOps tools preferred

• Experience with Windows and Unix environment preferred.

• Containerization technologies like Docker and Kubernetes preferred

• Excellent communication skills

Education/Certification

• Bachelor’s (Computer Science preferred)

• Certification – CISSP, cloud or other Security related

Additional Requirements

D&I Commitment

Responsible for fostering a culture of diversity and inclusion, holding leaders accountable for creating an inclusive environment through awareness and practice of equity in recruiting, developing, and promoting diverse talent.

SMBC’s employees participate in a hybrid workforce model that provides employees with an opportunity to work from home, as well as, from an SMBC office. SMBC requires that employees live within a reasonable commuting distance of their office location. Prospective candidates will learn more about their specific hybrid work schedule during their interview process.

We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law. SMBC provides reasonable accommodations for employees and applicants with disabilities consistent with applicable law. If you need a reasonable accommodation during the application process, please let us know at accommodations@smbcgroup.com.