This IT Security Administrator position will focus on configuring systems related to external/customer Identity and Access Management systems. IT Security Administrators are responsible for a broad range of tasks including administration of information security tools and devices, security information and event management. The individual in this position interacts closely with product vendors and service providers, with personnel from various IT departments including the application development, operations, network, and privacy teams. IT Security Administrators are assigned to moderately complex systems, projects and initiatives. IT Security Administrators also implement policy as well as install and configure various types of software.

Essential Functions:

• Perform installation and configuration management of external customer Identity and Access Management systems
• Perform installation and configuration management of security systems and applications, including policy assessment and compliance tools, network security and host-based security systems.
• Recommend, schedule and apply patches, remove or otherwise mitigate known control weaknesses
• Perform remedial actions as a result of threat and vulnerability assessments or audits.
• Locate and repair security problems and failures
• Prepare and analyze security incident and event data reporting
• Train others on the use of security tools and resolution of security issues
• Develop and maintain documentation for security systems, procedures and security diagrams
• Research, recommend, evaluate and implement information security solutions
• Monitor and analyze unusual or suspicious activity and make recommendations for resolution
• Serve on projects and initiatives to develop, plan and implement network and distributed system security technologies
• Serves as a liaison with product vendors and service providers in support of application development, operations, network and privacy teams
• Perform system and application vulnerability testing
• Support information security architectural requirements.
• Serve on projects, initiatives or work groups as assigned which may include Event Management, Identity and Access Management, Risk and Control Assessment, Threat and Vulnerability Management.

Qualifications:

• Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response and identity and access management
• Knowledge of network infrastructure including routers, switches, firewalls and associated network protocols and concepts.
• Strong technical knowledge of current systems, software, protocols and standards. including TCP/IP and network administration/protocols
• Experience developing, documenting and maintaining security procedures.
• In-depth knowledge of operating systems and security applications, as well as a working knowledge of basic network protocols and tools.
• Proven leadership abilities including effective knowledge sharing, conflict resolution, facilitation of open discussions, fairness and displaying appropriate levels of assertiveness.
• Proven ability to work under stress in emergencies with flexibility to handle multiple high-pressure situations simultaneously.
• Ability to communicate highly complex technical information clearly and articulately for all levels and audiences.
• Ability to manage tasks independently and take ownership of responsibilities
• Ability to learn from mistakes and apply constructive feedback to improve performance
• Strong customer focus with ability to manage customer expectations and experience and build long-term relationships.
• Strong team-oriented interpersonal skills with the ability to interface with a broad range of people and roles including vendors and IT-business personnel.
• Ability to adapt to a rapidly changing environment
• High critical thinking skills to evaluate alternatives and present solutions that are consistent with business objectives and strategy.

Preferred Qualifications:

• Experience with IAM solutions such as CA-SiteMinder, ForgeRock, Okta, Ping
• Health care industry related experience is preferred
• Information Security certifications preferred (CISSP, CISM)
• Experience using Agile methodology
• Extensive experience with IT Infrastructure Services components and how to enable the business while at the same time providing the appropriate level of Security controls
• Experience with Network Security principles, such as Firewalls, perimeter defenses, load balancers, proxy servers
• Experience with End-Point, Remote Access, Network Systems Management, Messaging & Collaboration, and Logging & Monitoring Security solutions
• Big Data architectures such as Hortonworks suite of products: Hadoop, Kafka, Redis, and Object Storage principles
• Amazon Web Services ""AWS"" and Microsoft Azure deployment, Security, Network, and Operational architectures and solutions
• Identity and Access Management “IAM” concepts and principles such as federation, delegated access (user managed access “UMA”), single sign on, OAuth, and OpenID.
• Securing Digital Engagement models such as mobile, IOT, wearables, etc.
• Security engineering for API gateways, REST Web Services, JSON Web Tokens “JWT”, SOAP
• Knowledge of CMS ARS controls and ability to design security controls to support control objectives

Experience Required:

• 5+ Years Information Technology Experience
• 5-8 years Security, Application or Systems Architecture Experience

Education Level Education Details:

• Bachelor's degree required or relevant work experience