This role will serve as a key stakeholder in designing and implementing the identity security strategy across multiple aspects of our client’s technology footprint. While the focus of this role will be cloud identity, a successful strategy must leverage significant input from resources and systems in our client's established on-premises identity structure. The candidate will be required to identify security gaps, craft plans to close those gaps, and work with business partners for buy-in and rollout execution. The cloud properties in scope include multiple public IaaS/PaaS providers as well as numerous SaaS applications.
This is an important role that will help shape and mature the identity strategy across the company. The candidate will be responsible for building and integrating secure identity methodologies into existing cloud projects, as well as establishing documented guidelines for new applications – both internally developed and off the shelf. This role is well suited to a security focused, forward leaning individual who solves problems with a risk-based approach.
- Bachelor’s degree or equivalent experience
- Minimum of three years’ experience with one or more of the following areas: network security, application security, endpoint security, system administration, identity and access management, data security, incident response or penetration testing
- Operational experience with public cloud infrastructure providers (AWS, Azure or Google Cloud) is preferred
- A thorough understanding of SAML authentication and experience integrating applications with common identity providers
- Experience integrating with a SIEM or other security monitoring environment is preferred
- Broad knowledge of core information security principles (e.g. access control, least privilege, data integrity) and security capabilities
- Experience in evaluating, recommending, and implementing new and emerging security products and technologies
- Excellent verbal and written communication skills
- Strong understanding of Linux and Windows operating systems and controls
- Experience with Active Directory required
- Experience with cloud identity providers (Azure AD, Okta, Ping etc) preferred
- Experience with DevOps and Agile methodologies preferred
- Design and implement cloud identity security controls for Technology Organization in both IaaS/PaaS and SaaS environments
- Apply advanced knowledge and functional experience with authentication and authorization mechanisms to modernize and secure our client's identity strategy
- Assess existing cloud implementations, identifying identity security issues and prioritizing fixes
- Work with engineering and operations teams to implement identity threat detection signals, deploy new tooling and improve response capabilities both in cloud and on-prem environments
- Help refine identity security methodologies in cloud DevSecOps processes
- Provide subject matter expertise in support of overall migration to public and hybrid cloud service architecture
- Create architecture solution roadmaps for linking SSO and Federated services with internal business processes and technologies
- Engage and empower Technology Organization personnel and other business units to understand and apply information security concepts to mitigate corporate risk
- Provide expertise in workflow, policy and external integration with Privileged Identity Management tools
- Plan, coordinate and provide subject matter leadership on information security projects
- Help customers understand and apply identity security concepts, processes, and technologies
- Demonstrate company values of Safety First, Unquestionable Trust, Superior Performance, and Total Commitment
- United States citizenship is required
- Consulting experience; ability to understand business requirements and present appropriate solutions
- Ability to work independently or within a team
- Demonstrated critical, independent thinking; demonstrated ability to conceive and present creative solutions
- Must pass NERC CIP & Insider Threat Protection background checks
- Occasional travel to local and regional locations in pursuit of the job duties and requirements.
Our LARGE COMPANY CONFIDENTIAL CLIENT is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.