Eaton Careers

Systems Architect - Enterprise Identity and Access Management - Cloud Solutions

Cleveland, Ohio
Information Technology


Job Description

Join Eaton’s Information Technology IT team and help positively impact our business through leading technologies, exciting and challenging enterprise projects and new platforms.  We are currently seeking Systems Architect - Enterprise Identity and Access Management (IAM) to join our Architecture, Governance and Security Center of Excellence (AGSCOE) team.  This position is based at our Eaton Center in Beachwood, Ohio. No relocation is being offered for this position.  If the candidate resides within 50 miles of Beachwood, Ohio, the candidate must work at that site. If the candidate resides more than 50 miles away from Beachwood, Ohio, the candidate will work remote from another US Eaton Facility or an approved home office.
The Enterprise IAM Systems Architecture will provide a set of services that initiate, capture, record, and manage user identities and their related access (permissions) to company resources within and outside of the company. This Senior Specialist's primary responsibility is to design, construct, and deliver solutions to address business and technical requirements, leveraging standard principles and patterns, as well as establishing them, where applicable. The individual filling this role will establish reference architectures and align technical roadmaps to near-term project requirements.
Making what matters work at Eaton takes the passion of every employee around the world. We create an environment where creativity, invention and discovery become reality, each and every day. It’s where bold, bright professionals like you can reach your full potential—and where you can help us reach ours.  In this role, the Enterprise IAM Systems Architecture will be responsible to:
  • You will communicate the Enterprise IAM strategy through concise, technical architecture documents, including the enumeration of all dependencies and integration points and the definition of methodology and standards for interaction, to ensure solution architects and developers have clear direction regarding engagement and integration with the enterprise IAM solution
  • You will consistently evaluate technologies to shape design of services in consideration of cost, portability, compatibility, or usability factors, with pronounced focus on IAM for Cloud-based services
  • You will leverage and influence technical strategy and direction for enterprise platforms
  • You will provide thought leadership and command respect for opinion within the Enterprise IAM space
  • You will champion industry best practices across the globe through industry interaction and change management
  • You will act as a mentor and provide guiding influence to others.
  • You will collaborate with program and project managers, customers, and technical resources to determine project schedule, as well as provide strong leadership by adhering to standard departmental policies, processes and documentation guidelines for project delivery. Drive decisions and deliverables across teams.
  • You will vet IAM services suppliers and inspects specific work completed by sourced suppliers to ensure that system requirements and installation objectives are consistently met
  • You will conduct interviews with customers for purposes of project design and/or architectural evolution. Author and uphold BRDs throughout the design process. Feed input back into the strategy and roadmap process to ensure the program continues to evolve to meet current and future needs
  • You will manage projects up to an enterprise level deployment.
When we embrace the different ideas, perspectives and backgrounds that make each of us unique, we — as individuals and as a company — are stronger.
We are committed to ensuring equal employment opportunities for all job applicants and employees. Employment decisions are based upon job-related reasons regardless of an applicant's race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, marital status, genetic information, protected veteran status, or any other status protected by law.


Required (Basic) Qualifications:
  • Bachelor’s degree from an accredited institution is required
  • Minimum 7 years of IT experience is required
  • Experience developing identity management strategies, architectures and implementation plans
  • Ability to communicate and interact with all levels of organization, both in and outside of IT.
  • Drives the IAM strategy for all types of identities for the digital business
  • Experience building IAM solutions for all types of identities (employees, contractors, vendors, business partners, customers, etc.), utilizing a hybrid of on-premise and Cloud Identity solutions
  • Minimum of 5 years’ technical architecture experience integrating identity and access management software into heterogeneous infrastructure and application portfolio
  • Candidates must be authorized to work in the US on a continuous basis without company sponsorship
  • This position requires use of information or access to hardware which is subject to the International Traffic in Arms Regulations (ITAR). All applicants must be U.S. persons within the meaning of ITAR. ITAR defines a U.S. person as a U.S. Citizen, U.S. Permanent Resident (i.e. 'Green Card Holder'), Political Asylee, or Refugee.
Position Criteria:
  • 3+ years’ experience managing projects through the full system development lifecycle in large, multi-national organizations
  • Some experience with at least one of the following development environments/languages: J2EE, Java, JavaScript, .NET or C#
  •  Awareness of compliance and privacy regulations relevant to IAM in a worldwide environment (HIPAA, Export Compliance, SOX, etc.)
  • Experience developing enterprise J2EE applications, including automated testing, source code version management, build and deployment processes.
  • Experience or strong comprehension of Oracle DB, EJB, and ADF Faces.
  • History of managing multiple concurrent development efforts successfully (change coordination and branch/merge techniques).
  • Active Directory administration, experience with PowerShell
  • Solid understanding of AD architecture, with experience managing a multi-domain forest.
  • Strong comprehension of the different options available within the AD security model, including groups (universal, global, domain local), GPO objects, OU, etc.
  • Federation / SAML experience, including the management of a federated identity solution (ideally, Oracle Identity Federation) involving multiple partners. Solid understanding of the different roles involved in federated identity integration (identity provider vs. service provider). Comprehension of popular identity federation standards (SAML, OpenID, OAuth) including the use cases and strengths/weaknesses of each
  • Directory Services experience
  • Experience working with the Oracle directory services plus suite (OUD / OVD / OID / ODSEE).
  • Experience working with other solutions implementing the LDAP v3 standard.
  • Experience working with directory services virtualization technologies
Preferred Qualifications:
  • BA/BS Degree in Business Administration, Computer Science, Engineering, Accounting or Information Systems
  • Master’s degree in a technical discipline such as: B.E / BTech / MCA / Equivalent (EITC) or B.S. Comp Sci / Mathematics / Engineering / Equivalent
  • 4+ years’ experience of advanced security technologies and concepts, including user provisioning, Single Sign-on, directory services, RBAC, PKI, SAML, or digital certificates a plus
  • Excellent proficiency with the English language (written and verbal). Additional language capabilities are a plus.
  • OAM 11g Experience
    • Experience running an enterprise access management / single-sign on solution, preferably one based on OAM 11g.
    • Firm understanding of various web authentication & session management methodologies.
    • Experience integrating and co-existing AM solution with an enterprise Identity Management solution.
    • Experience managing authentication and authorization for both internal and external clients.
    • Experience integrating applications using the OAM SDK
    • Experience integrating REST APIs
  • OIM 11g experience
    • Hands-on experience with Oracle Identity Manager 11g (R1 or R2)
    • Strong understanding of Identity Management processes and best-practices
    • Ability to diagnose and debug the issues identified in support matrix
    • Experience developing and supporting custom SOA composites a plus
  • EBS or SAP security administration
    • Strong understanding of Oracle EBS or SAP security model.
    • Technical grasp of EBS roles and responsibility design, as well as SoD validation.
    • Experience integrating with an enterprise IAM solution
  • Experience defining roles and managing an enterprise RBAC hierarchy
  • Experience with major operating systems such as Microsoft Windows and Unix/LINUX, mainframe security packages, and/or leading packaged application solutions for ERP systems, CRM systems or portals

We make what matters work. Everywhere you look—from the technology and machinery that surrounds us, to the critical services and infrastructure that we depend on every day—you’ll find one thing in common. It all relies on power. That’s why Eaton is dedicated to improving people’s lives and the environment with power management technologies that are more reliable, efficient, safe and sustainable. Because this is what matters. We are confident we can deliver on this promise because of the attributes that our employees embody. We’re ethical, passionate, accountable, efficient, transparent and we’re committed to learning. These values enable us to tackle some of the toughest challenges on the planet, never losing sight of what matters.

Job: Information Technology

Region: North America – US/Puerto Rico
Organization: Corporate Sector

Job Level: Individual Contributor
Schedule: Full-time
Is remote work (i.e. working from home or another Eaton facility) allowed for this position?: Yes
Does this position offer relocation?: No
Travel: Yes, 10 % of the Time

Requisition ID: 054971