At Schwab, you’re empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us “challenge the status quo” and transform the finance industry together.
Duties Analyze the business processes, functions, application access and entitlements, as well as access patterns to define the roles. Use Alteryx to create data analytics driven automation, discover role access patterns across the entire enterprise, and improve manual processes. Prepare digestible business roles from analytics output for business review. Work with business owners and entitlement owners to review and finalize business roles. Manage roles following the role life-cycle governance processes including creation, approval, update, deletion, and access certification. Implement the defined roles into IAM platform Oracle identity manager and define the role-based access control. Deploy the automated and business roles into Oracle identity governance by creating the required workflows, prepare the deployment instructions and enable the automation. Configure the automated roles for automated certification process. Generate the confidence scores for all the entitlement assignments across organization and populate them to Oracle identity governance tool to enable the certifiers to make a data driven decision to approve or revoke the access. Manage user provisioning, de-provisioning, role management and access policies. Customize and extend OIM workflows, connectors, and adapters to integrate with various applications and directories. Implement the web services in a service-oriented architecture. Monitor and audit identity management activities to detect and mitigate security risks. Design and implement the IAM solutions including but not limited to provisioning workflows, privileged accounts, access certification, approval workflows and orphan account management which requires backend coding in Java, Java EE, JSF, Spring MVC, Hibernate, REST and SCIM APIs. Perform code reviews for vulnerabilities using Veracode. Derive an access governance program using Oracle identity governance suite and Oracle SOA suite to meet security and compliance standards of SOX, PCI to increase security posture. Migrate the existing role mining solution from Oracle identity governance to SailPoint IIQ. Use SailPoint IIQ to perform role Mining, entitlement discovery and role consolidation. Define and collect source access data, ingest data and run machine learning analytics using SailPoint IIQ to come up with recommended business roles. Maintain and manage the SailPoint AI/ML SaaS Product. Prepare digestible business roles from analytics output of AI/ML product of SailPoint and implement defined roles into SailPoint IIQ. Implement and manage the SOD (segregation of duties) solution, birthright roles and job transfer certifications. Use Alteryx to clean, transform and analyze large manage datasets from different sources. Build predictive models. Create repeatable workflows. Provide the required evidence to the audit on demand. Manage and administer the UiPath orchestrator. Work with GitHub to maintain the codebase of the RAM automation solution. Use Microsoft Power Automate to build surveys and automated processes.
Job Requirements Requires Bachelor's in Engineering (any) or related field and 5 years (60 months) of progressive, post-Bachelor’s related experience.. Requires 5 years (60 months) of progressive, post-Bachelor’s related experience in each of the following skills: Oracle Identity Governance; Java; J2EE; SQL; PL/SQl; Unix; Weblogic Server; REST/SCIM API; Oracle Database; JSF; Spring MVC; Hibernate.
We offer competitive pay and benefits. Starting compensation depends on related experience. Annual bonus and other eligible earnings are not included in the ranges above. Benefits include: 401(k) w/ company match; employee stock purchase plan; paid vacation, volunteering, 28-day sabbatical after every 5 years of service for eligible positions; paid parental leave and family building benefits; tuition reimbursement; health, dental, and vision insurance; hybrid/remote work schedule available for eligible positions (subject to Schwab’s internal approach to workplace flexibility).
Charles Schwab is a different kind of investment services firm – one that strives to disrupt the status quo of the traditional Wall Street approach on behalf of our clients. We believe today, as we did on Day 1, that when you find ways to improve the investing experience for your clients, then business results will follow. Follow our company culture at #SchwabLife and see how we give back at #Schwab4Good.
Support hours: 7 a.m.–7 p.m. CT or 24/7 at schwab.com/contact-us.
Social Media Disclosures: https://www.aboutschwab.com/social-media
(#0424-TM8W)
