Opportunities

Senior Identity and Access Management (IAM) Engineer - Job# 72445BR

Edward Jones
Remote
Job-Overview


Team Overview:


The Senior IAM Engineer helps architect, deploy and operate a secure application infrastructure that aligns with business needs. The position is responsible for supporting operational innovation and providing security direction to the business to elevate the company’s security posture within a cloud computing infrastructure. An advanced role, the Senior IAM Engineer helps deliver applications at scale and with resiliency to support business initiatives. The Senior IAM Engineer is also expected to possess administrative and troubleshooting skills, and be knowledgeable about architecture, engineering and design principles. The Senior IAM Engineer should be adept at dealing with disparate applications and data systems to maintain the level of rigor required to adhere to business direction. Along with depth of system coverage, the role requires planning and design of policies and maintenance.


What You'll Do:


In tandem with security leadership, consistently assess the threat landscape and adapt quickly to protect the business from risk. The Sr. IAM Engineer must:


Identity and Access Management automation – preferred Saviynt experience but will accept experience with SailPoint
Be self-driven with minimal daily oversight required.
Design and implement security architectures and strategies to safeguard information system resources and assets.
Ensure integration of technology that upholds the Information Security policies and standards, as well as meets firm business objectives.
Identify opportunities for security process improvement.
Provide support of critical security infrastructure components to ensure system availability.
Maintain awareness of security technology direction, trends, and related issues.
Develop long-term strategy for supported security system.
Actively mentor and train other associates in their area of expertise.
Provide direction as to the effective use of technology within the enterprise architecture.
Provide leadership related to technical aspects of tools, methodologies, best practices and processes and standards that apply to their technical area of expertise.
Research technical improvements and takes the initiative to communicate/implement solutions.
Participates and represents area in cross-functional groups.
Communicates issues and problem resolutions with all affected stakeholders, business areas and vendors.
Research requirements to determine system feasibility, costs, benefits, or functional requirements.
Ensure prudent use of the firm’s financial resources


Etc.
For more information, contact:

Sr. Security Architect - RedID - R-2022-11-101

SiriusXM
Farmington Hills, MI
The Senior Security Architect is responsible for the planning and the executing of enterprise security strategy. The position will be the key resource working to steadily improve and maintain the security architecture posture of all Sirius XM + Pandora brands. The successful candidate will be responsible for ensuring the security of our hybrid cloud infrastructure while focusing on the service delivery and vehicle communication security. This position will play a key role in shaping enterprise security innovation, guiding and mentoring users on best practices as pertains to security architecture.

What you’ll do:

Develop and mature security risk documentation on major projects and systems (PSP) with collaboration with various business units.
Conduct risk analysis and assessments for discreet projects and systems.
Plan for company-wide security efforts. Plans security systems by evaluating network and security technologies, developing requirements for on premises networks, cloud environments, SIAM, firewalls, and related security and network appliances.
Work as part of a matrixed-security team to provide security guidance for the enterprise environment, with the goals of maturing the audio, streaming, and telematics service delivery security policy and technology frameworks.
Improve security posture of the enterprise and support a culture of security-awareness.
Advise stakeholders and service owners on risk management and how to effectively balance security/business requirements, and provide advice during security design and assessment, communicating mitigation strategies to both technical and non-technical audiences.
Determine security requirements by evaluating business strategies and requirements, researching security standards, conducting system security and vulnerability analyses and risk assessments, studying architecture/platform, and identifying integration issues.
Answer technical and procedural questions for less experienced team members, teaching improved processes, and mentoring team members.
Designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software, and adhering to industry standards.
Updates enterprise security knowledge by tracking and understanding emerging security practices and standards, participating in educational opportunities, reading professional publications, maintaining personal networks, and participating in professional organizations.
Enhances department on reputation by accepting ownership for accomplishing new and different requests, exploring opportunities to add value to job accomplishments.
Develop and implement reference security architecture for common use cases.
Integrate policies with and ensure compliance to enterprise security policies and standards.

What you’ll need:

Bachelors or Master’s Degree in a Cybersecurity, computer science, or related discipline, or equivalent, relevant experience.
CISSP certification, with one or more other professional certifications preferred (CCSP, OSCP, GSEC, GCIA, CISM, CEH, etc.)
10+ years of information security architecture; wireless security architecture is desired.
Expertise in secure cloud architecture including containers, SDN, HA, serverless compute
Experience with IaC tools like Terraform, CloudFormation, or GCP Deployment Manager
Working knowledge of OS administration and security vulnerabilities, in particular those exploitable in ransomware attacks.
Experience implementing and maintaining Zero-Trust environments
Knowledge of TCP/IP and related data network protocols: TCP, ARP, ICMP, DHCP, HTTP, SNMP etc., and accompanying protocol analysis tools (Wireshark, TCPDump, etc.)
Monitoring and Securing sidecar load balancing environments (Envoy/Istio)
Knowledge of compliance requirements PCI DSS, SOX, SOC, etc.
Knowledge of fundamental networking concepts: BGP, VPNs, OSI model
Experience with collaborating and ticketing tools such as Jira and Google Workspace.
Good public speaking and presentation skills.
Interpersonal skills and ability to interact and work with staff at all levels.
Excellent written and verbal communication skills.
Ability to work independently and in a team environment.
Ability to pay attention to details and be organized.
Ability to project professionalism over the phone and in person.
Ability to handle multiple tasks in a fast-paced environment.
Commitment to “internal client” and customer service principles.
Willingness to take initiative and to follow through on projects.
Excellent time management skills, with the ability to prioritize and multitask, and work under shifting deadlines in a fast-paced environment.
Must have legal right to work in the U.S.

At SiriusXM, we carefully consider a wide range of factors when determining compensation, including your background and experience. These considerations can cause your compensation to vary. We expect the base salary for this position to be in the range of $130,000 to $170,000 and will depend on your skills, qualifications, and experience. Additionally, this role might be eligible for discretionary short-term and long-term incentives. We encourage all interested candidates to apply.

Our goal at SiriusXM is to provide and maintain a work environment that fosters mutual respect, professionalism and cooperation. SiriusXM is an equal opportunity employer that does not discriminate on the basis of actual or perceived race, creed, color, religion, national origin, ancestry, alienage or citizenship status, age, disability or handicap, sex, gender identity, etc.
For more information, contact:

Cyber Security Manager

Reynolds & Reynolds
Farmington Hills, MI
Open Dealer Exchange has a direct hire opportunity for a Cybersecurity Manager to join the team. This position will be responsible for managing all aspects of cybersecurity in a highly regulated and compliance-driven environment. The Cybersecurity Manager will function as part of the management team, providing input to all layers of the organization providing more secure processes, audits, and environment.

Responsibilities:

- Work with IT and business leaders to develop corporate and cybersecurity standards to maintain and improving upon Open Dealer Exchange’s highly secure technical landscape.
- Develop policies, procedures, and standard reports for identifying and/or verifying potential breech of information security, confidentiality and with validation and regression testing.
- Create new information system audits as part of all system implementations managing sensitive information.
- Provide training plans for security awareness throughout the organization.
- Modify existing information system audits as part of all system upgrades managing customer information.
- Develop, maintain, and utilize system for tracking all audit results (proactive and reactive).
- Work with Human Resources and Executive Team to address any confirmed breach situations (incident response)
- Use tools to monitor and alert on potential security issues (IDS/IPS, dynamic and static application scans, etc)
- Coach and mentor other security professionals to provide career growth and increase job satisfaction.

Requirements:

Minimum of five years of experience managing IT and corporate security in a highly regulated and compliant organization dealing with standards such as PCI and/or HIPAA. CISSP, CISM or other similar certifications are preferred
Minimum 5 years of Cybersecurity management experience
Bachelor's degree in Computer Science, Information Systems, or related field
Knowledge of Penetration Testing methodologies and technologies
Experience with vulnerability resolution best practices
Knowledge of best practices for security (BSIMM, OWASP, etc.)
Knowledge of PCI, NIST, and similar Cybersecurity Frameworks
Understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP Networks
Knowledge of network and web related protocols (eg, TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
Understanding of the system hardening processes, tools, guidelines, and benchmarks
For more information, contact:

Senior Cybersecurity & Identity Architect

Pacific Northwest National Laboratory (PNNL)
Virtual Position

Overview:

The Cyber Security & Digital Operations Division at Pacific Northwest National Laboratory (PNNL) seeks a senior cybersecurity architect with strong experience in identity and access management to join its leadership team and help drive positive change towards a more secure tomorrow. This role will be an integral part of the Chief Information Security Officer’s leadership team and will collaborate directly with senior architects from other IT-related domains in setting the technological roadmap for the Lab. While much of the focus of this role will revolve around identity and related cloud security technologies, a large portion of the work will also involve adjacencies including privileged account management, securing and configuring tenancies, secure networking, encryption, data protection, and/or key/certificate management.


Responsibilities:

Represent the Cyber Security Group in evaluating technology initiatives and projects to determine advanced cybersecurity requirements and controls necessary to comply with company policies, standards, and industry best practices.

Evaluate existing and proposed technical architectures for security risk, provide technical advice to support the design and development of secure architectures and recommend security controls to mitigate those risks.

Coach stakeholders throughout the business on cyber security processes, from project managers and developers to director-level management with a focus on Identity and Access Management.

Consolidate IAM and other security needs and interests of diverse stakeholders with established cyber security requirements to drive innovative solutions to the challenges we face.

Participate in research and development in the broad field of cyber security (e.g., defining security architectures for public cloud, Kubernetes-based infrastructures, or operational technology) as well as follow and share knowledge on evolving standards, security best practices, and open-source software.

Align identity and access management solutions with industry security standards and frameworks and cloud security best practices.

Provide creative and innovative solutions that bridge the gap between requirements and cloud capabilities.

Demonstrate flexibility and resilience in response to changing or ambiguous situations.

Evangelize security and application solutions and controls by creating and communicating presentations both internally and externally.

Stay current on industry trends and cloud provider capabilities.


Qualifications - Minimum Qualifications:

BS/BA with 9 years of experience.
MS/MA with 7 years of experience.
PhD with 5 years of experience.


Preferred Qualifications:

Experience in the area of software architectures and cyber security, preferably with a focus on IAM (e.g., Identity Federation, SSO (OAuth 2.0, OpenID Connect, SAML federation), access management and authorization (RBAC/ABAC/etc.), or related topics in the field of operational technologies.

Hands-on experience in the field of cloud computing as an architect, in development and/or operation, especially Kubernetes, AWS, GCP, or Microsoft Azure.

Experience integrating identity and access management software into cloud infrastructure and applications.

Experience developing identity management strategies, architectures and implementation plans.

Diverse knowledge of security architectures as well as ability to clearly present and communicate on technical subjects to various audiences.

Understanding of current regulatory environment and related implications to identity management and security/audit compliance.

Experience leading business requirements gathering, translating those into system requirements, and facilitating business process design.

Enjoy developing cyber security architectures and have advanced knowledge of cybersecurity principles evidence by related industry certifications.
For more information, contact:

Cybersecurity Analyst II (Remote)

Home Depot
Atlanta, GA
Position Purpose:

Protecting what matters most to our associates and consumers by securing our sensitive data and critical assets from current and emerging threats.

At The Home Depot Cybersecurity consists of Architecture, Governance, Identity & Access Management, Internal Threat Operations, Issue and Compliance Management, Risk Assessment/Advisory, Security Consulting, Security Operations, Service Optimization and Strategic Planning Analysts II perform data gathering, analysis, synthesis and develop solutions to support THD Cybersecurity practices.


Key Responsibilities:

60% Analysis – Synthesize data to develop a solution, communicate the solution to stakeholders Analyze problems, structure the issue and perform analysis.

10% Collaborate – Partner cross-functionally to identify trends and resolve issues.

30% Drive Execution – Ensure initiative/project goals are met in a timely manner Implement solutions to meet customer expectations.


Minimum Years of Work Experience:

2


Work Location:

Remote/virtual – An associate in a remote/virtual role typically is not required to work from a designated Home Depot location to complete their job duties. Limited or infrequent in-office presence may be required. We also refer to this as location – independent.
For more information, contact: