Senior Technology Security Engineer (IAM)
Description:
About the job
Our client is all about working together to make an impact. As part of our team, you’ll have the opportunity to grow, contribute, and gain experience that matters. We strive to be caring leaders, close partners, and responsive experts—always supporting each other to do our best work. Join us, and let’s improve lives together.
The Senior Technology Security Engineer will be responsible for the design, build, deploy and support of our clients Privileged Access Management (PAM) platform implemented in CyberArk Cloud, including infrastructure, servers, services and privileged accounts that are part of the overall IT ecosystem.
The Senior Technology Security Engineer will collaborate with various teams to ensure the seamless integration and effective use of CyberArk for managing privileged access, monitoring, and securing sensitive accounts.
Serves as an information security subject matter expert on highly complex enterprise projects, software, and hardware enhancements. Assesses information security risks, recommends risk treatment, coordinates risk acceptance and remediation, and ensures appropriate remediation occurs. Serves as PAM subject matter expert, collaborates with stakeholders, offers guidance, and serves as main security point of contact during project planning and implementation and maintains the vendor relationship. Collects and provides documentation for internal and external audits and assessments. Oversees assigned security tools/services and vendor life cycle management.
Essential Functions
Serves as an information security subject matter expert on highly complex enterprise projects, software, and hardware enhancements.
Identifies information security risks, provides recommendations, builds, and configures solutions, and troubleshoots issues.
Collaborates with IT and security teams on project plans and meets with stakeholders to assess impacts and dependencies.
Leads project activities to ensure timely deliverables and supports the establishment of a roadmap by evaluating and recommending new tools
Leads highly complex information security projects across all security teams.
Designs, builds, deploys, and maintains information security systems, including identity governance and access management solutions.
Ensures the efficient operation of information security systems and resolves intricate security problems.
Researches, evaluates, and proposes new information security solutions. Aligns information security systems with architectural requirements and strategies.
Provides implementation and cost estimates for new solutions, including training requirements and system administration processes
Collaborates with stakeholders to ensure the efficient operation of information security systems in alignment with architectural requirements and strategies
Identifies and documents of highly complex information technology risks, assesses risk levels, recommends risk treatment, coordinates risk acceptance and remediation, and ensures appropriate remediation occurs
Serves as the primary contact on assigned internal and third-party IT processes, risk assessments, and audits.
Provides advice to key stakeholders on the security-relevant impact of findings
Serves as security subject matter expert, collaborates with stakeholders, offers guidance, and serves as main security point of contact during project planning and implementation
Leads troubleshooting sessions and knowledge transfers to resolve security issues including identity governance and access management
Recommends solutions for aligning technology areas with future needs
Collects and provides documentation for internal and external audits and assessments
Documents information security systems policies, procedures, standards, needed improvements, and guidelines
Maintains the document life cycle, including periodic reviews, updates, and approval cycles
Oversees assigned security tools/services and vendor life cycle management
Schedules vendor meetings to review products, services, and vendor/tool roadmaps
Drives renewals and new purchases through the our clients vendor management and purchase process
Education & Experience
Bachelor's degree, preferably in information security, information technology, or a related field, or equivalent relevant experience
Eight years of experience in information security, identity and access management, or related roles, including at least four years of experience in information security
Master's degree, preferably in information security, information technology, or a related field or equivalent related experience and six years of experience in information security, identity and access management, or related roles, including at least four years of experience in information security
Information security certifications (CISSP, CCSP, CCSK, AWS, Azure, Security+, CEH, GSEC) preferred
Prior experience in the insurance industry preferred
Knowledge, Skills, & Abilities
Advanced knowledge of information security and privacy standards, concepts, principles, technologies, and audit practices
Advanced knowledge of information technology including network, servers, cloud, and PKI/cryptography and identity and access management technologies
Excellent knowledge of identity and access management concepts, principles, technologies
Excellent ability to assess and report on information technology risks
Strong knowledge of Linux and Windows operating systems
Strong knowledge of secure cloud solutions within AWS, Google, and/or Azure cloud platforms
Strong ability to perform and create automation tasks with tools (i.e., PowerShell, Python) preferred
Experience in designing, building, and maintaining information security systems
Excellent analytical and problem-solving abilities
Strong verbal and written communication skills
Excellent ability to work effectively with others at varying levels
Excellent documentation skills
Ability to lead moderate to highly complex technology projects
Desired Skills
SailPoint File Access Manager
CyberArk Privileged Cloud
Atlassian BitBucket
Atlassian Confluence
AWS EC2, Lambda
SharePoint