IAM Lead Architect

Please Note: As of July 22, 2021, our team will require that all candidate submissions include a LinkedIn profile. Please do not submit any candidates that do not have a LinkedIn.

Position Summary:

The primary focus areas for this position are the following:

• Produce security architecture deliverables as part of initiatives related to certificate services and identity and access management
• Partner with IT teams to design and deliver architectures to enable federated access and single sign on in cloud and hybrid environments
• Proactively identify security gaps, propose solutions, and follow through with engineering teams for implementation
• Innovate and lead others to solve complex issues Your Responsibilities
• Drive the Identity and Access Management and secrets management architecture roadmap and share with AES stakeholders
• Participate in discovery workshops to understand client's and Workforce IAM and security needs and provide best practice recommendations to meet IAM use cases
• Develop design and architectural diagrams that clearly communicate the proposed solution and flows
• Actively participate in the cross-functional team meeting, developing project plans, implementation, testing, pre / post go-live activities, risk management and issue management
• Architect solutions utilizing Ping Identity Products, PlainID and similar IAM products, such as IGA tools, Virtual Directory, PAM and Secret Management solutions
• Create IT security standards easily consumed by stakeholders
• Evaluate the existing application security controls, (on-premise and cloud), identify improvements, and build plans into the application security capability roadmap for implementation
• Build access management security patterns (standardizing authentication/authorization flows, single-sign-on/MFA, provisioning, user behavior analytics, access governance system controls, privileged/secrets mgt) and designs as part of initiatives to modernize the DTCC access management security posture
• Mentor junior security engineers and architects to enhance their cybersecurity and architecture skills

Required Skills : Qualifications - 8-10 years of related experience - Bachelor's degree preferred - Specific Skills and Technologies - Strong cybersecurity experience in architecting implementations using Ping Identity products (especially PingFed, PingOne, PingID, and PingAuthorize) is required. - Experience with most standard IAM security protocols (Eg: OAuth, OIDC, RACF, SAML, LDAP, ID Federation, SSO, MFA, UEBA) is required. - Experience architecting solution using products like API Gateway, IGA and Virtual Directory is required. - Strong experience in identifying access management control gaps - Experience with Information Security frameworks (e.g., ISO 2NA01, CIS, MITRE ATT and K and NIST) and security architecture frameworks - Experience architecting automated data centre processes, including provisioning, application, and patch management, monitoring and alerting, capacity monitoring and planning, leveraging execution and human approval workflow design and implementation - Experience in OS security (Windows, Linux), Network security (Firewall, Proxy, WAF) and RDMS is preferred - Strong communication skills with the ability to present in front of large audience
Rank :B1
Requested Date :2024-04-15