Identity Operations Engineer

As a key member of the UMG Operations Center, the Identity Operations Engineer is responsible for ensuring our Identity Management and Messaging environments, including Active Directory, function at peak efficiency. This role involves coordinating within a global 'follow the sun' framework, expanding the integration of identity management solutions with enterprise applications, and providing day-to-day administration, reporting, troubleshooting, and operations. The engineer will also ensure solutions protect information resources, resolve issues related to identities and access, and provide ITIL-based operational support for Active Directory infrastructure.

Must Have

• Ensure Identity Management and Messaging environments, including Active Directory, function at peak efficiency.
• Operate within a global 'follow the sun' framework, coordinating workday during Australian time zone business hours.
• Expand integration of identity management solutions with enterprise applications.
• Support day-to-day administration, reporting, troubleshooting, and operations of Identity Management environment.
• Utilize best practices to protect information resources against unauthorized use, access, disclosure, damage, or loss.
• Troubleshoot and resolve issues related to identities, systems, access, accounts, authentication, authorization, entitlements, and permissions.
• Provide ITIL-based operational support for Active Directory infrastructure, including incident, change, and problem management.
• Support on-premise and cloud-based equipment and configuration (Domain Controllers, Azure AD, M365, Duo, CyberArk, YubiKey, Microsoft Identity Management, Splunk, Active Roles servers).
• Complete key metric reporting and analysis for the Identity Management environment.
• Ensure audit tasks related to Identity Management are completed on time.
• Participate in security incident response teams as needed.
• Utilize industry best practices for standards, processes, procedures, tools, and documentation.
• Ensure maintenance, patching, operating, and monitoring of IAM systems is in place and completed on schedule.
• Participate in developing automation to reduce time spent on routine tasks.
• Be part of a Mon-Sun roster, where office work is required on weekends.
• Prepare, update, and provide progress on support tickets when handed off to the next region.
• Solid technical skills in Identity Management space, including Active Directory.
• Minimum of five years directly related experience in Identity & Access Management (IAM).
• Strong ability for troubleshooting and problem analysis.
• Experience troubleshooting and solving issues related to identities, systems, access, accounts, authentication, authorization, entitlements, and permissions.
• Hands-on experience of Active Directory operation and support including FSMO roles, delegated administration, group policies, OU admin & Site replication, ADFS.
• Exchange operation and support including OWA, SMTP services, and routing / costing.
• Hands-on experience and skills with M365 and ServiceNow.
• Demonstrated current work experience supporting integrated IAM solutions such as Azure Active Directory, Active Roles, Duo, MIM, and CyberArk.
• Knowledge of Systems Reliability Engineering principles, automation, and AI.

Good to Have

• Bachelor’s Degree in Computer Science or Engineering or closely related field or comparable education and experience.
• Understanding of Microsoft Teams group/system policies, survivable branch appliances, unified messaging, and federation.
• Experience configuring and managing IT systems with technologies such as Java, JavaScript, XML, SOAP, JSON/REST, SQL, RDBMS, Linux, Windows, and databases.
• IT Certifications including MCSE Certification specialization in Identity Management, Certified Access Management Specialist (CAMS), and ITIL Foundations certifications.
• International experience beneficial; multiple language skills a plus.
• Experience with ServiceNow orchestration into Active Directory, M365, Zoom, Slack, Box, or Teams.

Perks & Benefits

• Be part of an entrepreneurial, global organization that values authenticity, drive, creativity, relationships, and a competitive spirit.
• Comprehensive medical, dental, vision, and FSA options.
• 100% coverage for out-patient mental health services.
• Wellbeing reimbursements for fitness classes, spa treatments, meal services, travel (up to $720/year).
• A lifetime fertility support allowance of $30,000 to plan participants.
• Student Loan Repayment Assistance and Tuition Reimbursement.
• 100% immediately vested 401(k) match on the first 5% of your contribution on eligible compensation.
• Flexible Paid Time Off (PTO) for exempt employees.
• 3-weeks PTO for non-exempt employees.
• 2-weeks paid Winter Break.
• 10 Company Holidays (including Juneteenth and Wellbeing Day).
• Summer Fridays (between Memorial Day and Labor Day).
• Generous paid parental leave for every type of parent.

We are UMG, the Universal Music Group. We are the world’s leading music company. In everything we do, we are committed to artistry, innovation and entrepreneurship. We own and operate a broad array of businesses engaged in recorded music, music publishing, merchandising, and audiovisual content in more than 60 countries. We identify and develop recording artists and songwriters, and we produce, distribute and promote the most critically acclaimed and commercially successful music to delight and entertain fans around the world.

Job Summary

As a key member of the UMG Operations Center, the Identity Operations Engineer is responsible for ensuring our Identity Management and Messaging environments, including Active Directory functions at peak efficiency.

You will operate within a global “follow the sun” framework, coordinating your workday during business hours in the Australian time zone.

The position will be a team player working to expand the integration of our identity management solutions with our enterprise applications, support day-to-day administration, reporting, troubleshooting, and operations of our Identity Management environment. In addition to having strong technical skills, you must be comfortable in effectively communicating with business end users, technical IT teams, business partners, network providers, and business process outsourced vendors, all while being sensitive to a wide diversity of cultural and technical backgrounds in a global business environment.

Job Functions

• Utilize best practices to ensure that solutions protect information resources against unauthorized use, inappropriate degrees of access, disclosure, damage and/or loss.
• Troubleshoots and resolves issues related to identities, systems, access, accounts, authentication, authorization, entitlements, and permissions.
• ITIL-based operational support and acts as a technical resource for the Active Directory infrastructure, including incident, change, and problem management.
• Provides support of on premise and cloud-based equipment and configuration including but not limited to Domain Controllers, SaaS applications such as Azure Active Directory, M365, Duo, CyberArk, YubiKey, Microsoft Identity Management, Splunk, and Active Roles servers.
• Complete the key metric reporting and analysis for the Identity Management environment as required.
• Work to ensure audit tasks related to Identity Management are completed on time, with participation of appropriate parties.
• Participate in security incident response teams as needed
• Utilize industry best practices for appropriate standards, processes, procedures, tools, and documentation.
• Ensure the maintenance, patching, operating, and monitoring of IAM systems is in place and completed on schedule.
• Participate in developing automation to reduce the time spent on routine tasks.
• You will be part of a Mon-Sun roster, where office work is required on weekends
• Prepare, update and provide progress on support tickets when handed off to the next region

Job Requirements

Essential:

• Solid technical skills in the Identity Management space, including Active Directory.
• Minimum of five years directly related experience in Identity & Access Management (IAM).
• A strong ability for troubleshooting and problem analysis is required, along with the ability to clearly communicate the results of problem analysis to business stakeholders, IT support teams, and network providers to quickly and effectively resolve operational issues.
• Experience troubleshooting and solving issues related to identities, systems, access, accounts, authentication, authorization, entitlements, and permissions.
• Hands on experience of Active Directory operation and support including Active Directory Infrastructure components (FSMO roles), delegated administration, group policies, OU admin & Site replication, ADFS, Exchange operation and support including OWA, SMTP services, and routing / costing.
• Customer service driven/focused with a proactive and positive can-do approach. Demonstrates commitment to organization’s policy framework and practices continuous improvement.
• Hands-on experience and skills with systems such as M365 and ServiceNow are required. Experience with ServiceNow orchestration into Active Directory, M365, Zoom, Slack, Box, or Teams is a plus.
• Demonstrated current work experience supporting integrated IAM solutions such as Azure Active Directory, Active Roles, Duo, MIM, and CyberArk.
• Demonstrated organizational skills, attention to detail and ability to work both independently and as part of a team.
• Solid written, oral, and interpersonal communications skills.
• Knowledge of Systems Reliability Engineering principles, automation, and AI.

Desirable:

• Bachelor’s Degree in Computer Science or Engineering or closely related field or comparable education and experience.
• Understanding of Microsoft Teams group/system policies, survivable branch appliances, unified messaging, and federation.
• Experience configuring and managing IT systems with technologies such as Java, JavaScript, XML, SOAP, JSON/REST, SQL, RDBMS, Linux, Windows, and databases.
• IT Certifications including MCSE Certification specialization in Identity Management, Certified Access Management Specialist (CAMS), and ITIL Foundations certifications desired.
• International experience beneficial; multiple language skills a plus.

Perks Playlist:

• Be part of an entrepreneurial, global organization that values authenticity, drive, creativity, relationships, and a competitive spirit
• Comprehensive medical, dental, vision, and FSA options, as well as:
• 100% coverage for out-patient mental health services
• Wellbeing reimbursements for fitness classes, spa treatments, meal services, travel, and so much more (up to $720/year)
• A lifetime fertility support allowance of $30,000 to plan participants
• Student Loan Repayment Assistance and Tuition Reimbursement
• 100% immediately vested 401(k) match on the first 5% of your contribution on eligible compensation
• Variety of ways to prioritize much-needed time away from work including:
• Flexible Paid Time Off (PTO) for exempt employees
• 3-weeks PTO for non-exempt employees
• 2-weeks paid Winter Break
• 10 Company Holidays (including Juneteenth and Wellbeing Day)
• Summer Fridays (between Memorial Day and Labor Day)
• Generous paid parental leave for every type of parent

Check out our full overview of benefits on the Perks Playlist page of the career site.

Disclaimer: This job description only provides an overview of job responsibilities that are subject to change.

Universal Music Group is an Equal Opportunity Employer

We are an E-Verify employer in Alabama, Arizona, Georgia, Mississippi, North Carolina, South Carolina, Tennessee, and Utah.

For more information, please click on the following links.

E-Verify Participation Poster: English / Spanish

E-Verify Right to Work Poster: English | Spanish