This posting has been closed |
This position is a key member of the Cyber Security Administration and Engineering team responsible for the engineering, implementation, configuration, tuning, and maintenance of customer identity and access management systems. The role will focus on systems and tools associated with external identity and access management capabilities including new implementations and optimization of existing technologies. The position will be responsible to support the introduction of technology and processes to optimize countermeasures for business services (IaaS, PaaS, SaaS, DaaS, etc.). Specific deliverables will support the implementation of IAM technologies within ForgeRock, CA SiteMinder, IBM and Oracle platforms and will include LDAP, SSO, SAML, OAuth and Web Services security (SOAP and REST).
- Performs installation, testing, monitoring, configuration, migration, maintenance and troubleshooting of assigned technology
- Manages system/application environment and ongoing operations
- Proactively monitors and reports performance and utilization of assigned technologies
- Troubleshoots software and/or hardware issues/failures
- Resolves alerts and performs remediation activities
- Manages problem or escalated tickets and tasks and out of cycle requests from systems/software owners
- Collects and presents data for reporting and planning
- Assists with developing tactical strategies, processes, and procedures related to systems/application administration
- Collaborates with IT and business area partners on workgroups and initiatives
- Assist in the identification of alternative configurations and approaches to enable business needs
- Serves as a liaison with IT and business area partners to identify, understand, document and advise on security requirements, impacts, and risks
- Develops and maintains documentation for security systems, procedures, and security diagrams
- Analyzes, proposes, and implements solutions concerning residual risk, vulnerabilities, and other security exposures
- Participates on assigned projects, ensuring that security best practices and requirements are considered and addressed
- Participates in initiatives to identify, select and implement technical controls
- Develops information security processes, policies, and procedures
- Advises on service level agreements and works to ensure that security controls are managed and maintained.
- Other duties as assigned
Must have:
- Identity and Access Management (IAM) experience
Strongly preferred:
- API Security: REST and SOAP (WS-SE)
- IaaS, PaaS, SaaS understanding
- Microservices experience (Kubernetes, Docker, etc.)
- Software Development Lifecycle: Waterfall and Agile
Additional Requirements:
- 2-4 years of experience in Systems and Information Security administration with at least 1-2 years of professional experience related to Identity and Access Management programs
- More than 2 years’ experience with the Forgerock stack: OpenAM, OpenDJ, and OpenIDM
- More than 2 years’ experience with the CA SiteMinder stack.
- Hands-on experience with the implementation of Identity Management/Identity & Access Management products (i.e. CA Single Sign-On, ForgeRock, etc.).
- Hands-on experience with implementing and supporting SAML and SSO technologies.
- Hands-on experience with implementing and supporting REST Services secure gateway
- Knowledge of directory server (Oracle, TDS, AD, LDAP, etc.)
- Experience with Oracle and SQL databases.
- Understanding of how to secure cloud-based solutions (e.g. PaaS, SaaS or IaaS).
- Demonstrate a working knowledge of multiple technologies and their interfaces and integration
- Competency in one or more environments highly integrated with an operating system
- Extensive experience implementing and administering/managing technical solutions in major, large-scale system implementations
- Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response and identity and access management
- Knowledge of network infrastructure including routers, switches, firewalls, and associated network protocols and concepts.
- Experience developing, documenting and maintaining security procedures.
- Knowledge of operating systems and security applications, as well as a working knowledge of basic network protocols and tools.
- Ability to manage tasks independently and take ownership of responsibilities
- Ability to learn from mistakes and apply constructive feedback to improve performance
- Strong customer focus with the ability to manage customer expectations and experience and build long-term relationships.
- Strong team-oriented interpersonal skills with the ability to interface with a broad range of people and roles including vendors and IT-business personnel.
- Ability to adapt to a rapidly changing environment
- Critical thinking skills to evaluate alternatives and present solutions that are consistent with business objectives and strategy.
Preferred:
- Experience analyzing business requirements and translating them into technical solutions
- Industry-standard Cloud certifications: Certificate of Cloud Security Knowledge (CCSK),
- Certified Cloud Security Professional (CCSP), CompTIA Cloud+
- Industry-standard Cyber Security Certifications: CompTIA Security+, CSANS GIAC Security Essentials (GSEC), Systems Security Certified Practitioner (ISC2 SSCP)
Skill | Proficiency | Years Experience | Percent Used |
---|---|---|---|
IAM | 3 - 6 | 100% | |
Information Security | Any | 100% | |
Applications Security | Any | 75% | |
Cyber Security | Any | 75% | |
LDAP | Any | 75% | |
PaaS | Any | 75% | |
REST | Any | 75% | |
SaaS | Any | 75% | |
SOAP | Any | 75% | |
Vulnerability Managment | Any | 75% | |
IaaS | Any | 50% | |
IBM I Access | Any | 50% | |
IBM Siteminder | Any | 50% | |
Network Infrastructure | Any | 50% | |
Agile Methodology | Any | 25% | |
Database Maintenance | Any | 25% | |
Docker Containers | Any | 25% | |
Firewall | Any | 25% | |
Microservices | Any | 25% | |
Network Protocols | Any | 25% | |
OAuth | Any | 25% | |
Risk Assessment | Any | 25% | |
Routers | Any | 25% | |
SAML | Any | 25% | |
SQL | Any | 25% | |
Switches | Any | 25% | |
WebServices | Any | 25% |
Certificate of Cloud Security Knowledge (CCSK) | Preferred |
Certified Cloud Security Professional (CCSP) | Preferred |
CompTIA Cloud+ | Preferred |
CompTIA Security+ | Preferred |
CSANS GIAC Security Essentials (GSEC) | Preferred |
Systems Security Certified Practitioner (ISC2 SSCP) | Preferred |