Occidental Petroleum Corporation
Identity and Access Management (IAM) Advisor
Occidental Petroleum Corporation, Houston, Texas, United States, 77246
IAM Advisor
We are seeking a highly experienced IAM Advisor to lead and support enterprise identity and access management initiatives. This role requires deep technical expertise in Active Directory (AD) and AWS IAM, along with a strong understanding of identity governance, authentication protocols, and security best practices. The ideal candidate will have a minimum of 10 years of experience in IAM and a proven track record of securing complex, hybrid IT environments. Key Responsibilities:
Design, implement, and manage IAM solutions across on-premises (Active Directory) and cloud (AWS) environments. Develop and enforce IAM policies, standards, and procedures to support secure access and compliance. Lead initiatives for identity lifecycle management, access reviews, and role-based access control (RBAC). Integrate IAM with enterprise applications and cloud services using SSO, MFA, and federation protocols. Manage and optimize Active Directory forests, domains, group policies, and trust relationships. Provide expert-level support for AWS IAM services including roles, policies, permissions boundaries, and AWS Organizations. Collaborate with security, infrastructure, and application teams to embed IAM into enterprise architecture. Conduct risk assessments and support audits and compliance initiatives (e.g., SOX, HIPAA, ISO 27001). Mentor junior team members and contribute to IAM strategy and roadmap development. Required Qualifications:
10+ years of experience in Identity and Access Management. Strong hands-on experience with Microsoft Active Directory, including GPOs, OU structure, and domain trust management. In-depth knowledge of AWS IAM, including policies, roles, SSO, and cross-account access. Proficiency with authentication and authorization protocols (LDAP, Kerberos, SAML, OAuth2, OIDC). Experience with IAM tools such as Okta, SailPoint, CyberArk, or similar platforms. Experience in designing, implementing, and managing Public Key Infrastructure (PKI) solutions to support secure authentication, encryption, and digital signature services across enterprise environments. Experience with scripting and automation (e.g., PowerShell, Python, Terraform, CloudFormation). Experience with Power Automate/PowerBI. Strong understanding of security frameworks and compliance standards. Excellent communication, documentation, and stakeholder engagement skills. Preferred Qualifications:
AWS certifications (e.g., AWS Certified Security Specialty, Solutions Architect). Microsoft certifications (e.g., Azure AD, MCSA/MCSE). Experience with hybrid identity models and cloud migration projects. Knowledge of Zero Trust Architecture and modern identity frameworks. Location: Houston, TX Job Type: Full-Time | Hybrid Recruitment Fraud: It has come to our attention various individuals and/or organizations are contacting people falsely pretending to recruit on behalf of Oxy. Please be aware that these recruiting scams and communications do not originate nor are they associated with our recruitment process. All Oxy job postings and offers will require a completed application through our company website. Oxy does not charge a fee at any stage of the recruiting process. We will never: ask you to pay for applications, interviews, meetings, processing, training or for any other fees; use recruiting or placement agencies that charge candidates an advance fee of any kind; or request personal information such as passport and bank account details at an early stage of our recruitment process. We recommend against responding to unsolicited business propositions or offers from people you don't know. Do not disclose your personal or financial details. If you believe you have been the victim of a recruiting scam, please contact your local police department. All qualified applicants will receive consideration for employment without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.
We are seeking a highly experienced IAM Advisor to lead and support enterprise identity and access management initiatives. This role requires deep technical expertise in Active Directory (AD) and AWS IAM, along with a strong understanding of identity governance, authentication protocols, and security best practices. The ideal candidate will have a minimum of 10 years of experience in IAM and a proven track record of securing complex, hybrid IT environments. Key Responsibilities:
Design, implement, and manage IAM solutions across on-premises (Active Directory) and cloud (AWS) environments. Develop and enforce IAM policies, standards, and procedures to support secure access and compliance. Lead initiatives for identity lifecycle management, access reviews, and role-based access control (RBAC). Integrate IAM with enterprise applications and cloud services using SSO, MFA, and federation protocols. Manage and optimize Active Directory forests, domains, group policies, and trust relationships. Provide expert-level support for AWS IAM services including roles, policies, permissions boundaries, and AWS Organizations. Collaborate with security, infrastructure, and application teams to embed IAM into enterprise architecture. Conduct risk assessments and support audits and compliance initiatives (e.g., SOX, HIPAA, ISO 27001). Mentor junior team members and contribute to IAM strategy and roadmap development. Required Qualifications:
10+ years of experience in Identity and Access Management. Strong hands-on experience with Microsoft Active Directory, including GPOs, OU structure, and domain trust management. In-depth knowledge of AWS IAM, including policies, roles, SSO, and cross-account access. Proficiency with authentication and authorization protocols (LDAP, Kerberos, SAML, OAuth2, OIDC). Experience with IAM tools such as Okta, SailPoint, CyberArk, or similar platforms. Experience in designing, implementing, and managing Public Key Infrastructure (PKI) solutions to support secure authentication, encryption, and digital signature services across enterprise environments. Experience with scripting and automation (e.g., PowerShell, Python, Terraform, CloudFormation). Experience with Power Automate/PowerBI. Strong understanding of security frameworks and compliance standards. Excellent communication, documentation, and stakeholder engagement skills. Preferred Qualifications:
AWS certifications (e.g., AWS Certified Security Specialty, Solutions Architect). Microsoft certifications (e.g., Azure AD, MCSA/MCSE). Experience with hybrid identity models and cloud migration projects. Knowledge of Zero Trust Architecture and modern identity frameworks. Location: Houston, TX Job Type: Full-Time | Hybrid Recruitment Fraud: It has come to our attention various individuals and/or organizations are contacting people falsely pretending to recruit on behalf of Oxy. Please be aware that these recruiting scams and communications do not originate nor are they associated with our recruitment process. All Oxy job postings and offers will require a completed application through our company website. Oxy does not charge a fee at any stage of the recruiting process. We will never: ask you to pay for applications, interviews, meetings, processing, training or for any other fees; use recruiting or placement agencies that charge candidates an advance fee of any kind; or request personal information such as passport and bank account details at an early stage of our recruitment process. We recommend against responding to unsolicited business propositions or offers from people you don't know. Do not disclose your personal or financial details. If you believe you have been the victim of a recruiting scam, please contact your local police department. All qualified applicants will receive consideration for employment without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.