Security Engineer

Job Description

The Office of Information Security is looking for people who deeply understand information security. We are building a team of people who are pragmatic and visionary at the same time: who can take strong executive support and a strategic commitment to transformation and run with that to build something better and smarter. We are looking for those agents of change, people willing and able to leave a mark not just on a Fortune500 company, but on an entire industry.

The Security Engineer (IAM) is responsible for ensuring design and implement IAM tools and technologies across the enterprise. The Engineer will work closely with other IT and Security team, to identify, design and build secure identity and access methods for applications and infrastructure platforms.

The Security Engineer will be able to enhance knowledge of IAM platforms and collaborate with internal AAP team members and platform teams to apply industry best practices to AAP architecture. The role will be analyzing identity & authentication mechanisms from a security perspective; and designing the IAM architecture to meet the requirements.

A successful candidate will have experience working through ambiguity, helping to define security requirements with Managers and IT Architects, and incorporating feedback, and identifying potential problems before they become real problems.

OPEN TO REMOTE WORK WITHIN THE EST ZONE.

Job Responsibilities:

• Design and implement the access management for Cloud platforms and 3rd party identities to enable the business for secure transactions.

• Evaluate the Azure access management functionalities to align with the IAM policies.

• Manage projects related to Business/IT processes supporting hybrid cloud environment.

• Support PAM, MFA, and other Enterprise IAM controls cloud environments.

• Work extensively with domain and application architects to identify, design, and deliver modern secure authentication patterns and services.

• Provide guidance on integrating the identity management authentication and authorization framework into existing applications.

• Conduct workshop with application architects for documenting requirements for 3rd party identity management.

• Evaluate current tools and next gen IAM tools to provide detailed roadmap for 3r party identity management.

• Coordinate with IT Infrastructure and Security Architecture & Engineering to define and implement secure baseline configurations for current platforms supporting 3rd party identities.

• Engage with SecOps to mature access monitoring for Cloud and 3rd party identities.

• Publish IAM security posture metrics for access events of Cloud platforms and 3rd party identity risk management.

Qualifications

• 5+ years relevant experience managing complex IAM implementation projects.

• Preferred Certifications like CISSP, CCSP, etc

• Working experience with industry IAM tools like IBM ISIM, Okta, Thycotic, CyberArk, Sailpoint, etc.

• Preferred experience with scripting languages (PowerShell, Python, bash).

• Advanced understanding of IAM solutions and related technologies including Azure AD, FIM/MIM, Kerberos, LDAP, claims, group and role mapping, PKI, PIM, DNS, DHCP and GPO implementations.

• Working with cloud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies

• Experience in Cloud migration and Azure identity management

• Familiar with IAM-related protocols such as SAML, SCIM, OpenID, and OAuth.

#LI-KN-AAP