Principal Information Security Engineer, Identity Security Engineering
About The Position
This position will lead strategic identity security initiatives across the company as well as delivering global Identity Provider (IdP) and privileged access management controls. The role will provide knowledge, guidance, and ownership around both internal identity and CIAM matters across a range of on-premises, cloud-hosted, and third-party SaaS platforms. The ideal candidate will have a strong background in designing and executing best practices for secure management of identity and integrating multiple technologies. We are looking for a highly collaborative technical engineer who can execute at both the strategic and tactical levels in a large, complex, and highly dynamic environment.
Requirements
- 10+ years of technical cybersecurity experience with at least 7 years of identity security experience
- Proven experience in enhancing and maturing identity security programs across enterprise technology environments
- Demonstrable experience enabling and enforcing identity security across M365 suite, internally developed applications, cloud services, and on-premises appliances
- Experience implementing and managing privileged access management (CyberArk preferred) solutions
- Experience implementing and managing IdP (Okta preferred) solutions
- Experience collaborating with cyber threat management and insider threat teams to enable detection, monitoring, and incident response efforts
- Experience implementing Active Directory governance models to ensure compliance with security policies and standards
- Strong knowledge of security frameworks and standards (e.g., ISO, NIST, ATT&CK)
- Ability to adapt and prioritize in a fast-paced work environment
- Excellent written and oral communication skills
- Work independently and within a team to build relationships and interact effectively with business partners.
- A desire to work within a diverse, collaborative, and driven professional environment.
- Candidates must be authorized to work in the United States without sponsorship.
Responsibilities
- Serve as the engineering principal on implementing secure identity practices in technology architectures, including the enterprise IdP service used for global authentication.
- Systematically modify and control identity security policy, standards and guidance to address use cases related users, on-premises services, cloud service providers, and SaaS
- Collaborate closely with teams responsible for Active Directory and authentication services to enable compliance with security policy and standards
- In partnership with the network security organization, lead the delivery of JLL’s zero trust strategy for users and third parties
- Design privileged access management controls for all privileged accounts that minimize potential for abuse while enabling detection and response to insider and external cyber threats
- Own, operate, and advance the JLL enterprise Privileged Access Management tool (CyberArk preferred)
- Serve as SME for enabling the secure design of identity services, as well as delivering controls engineering to enforce account security policies and standards
- Work with application development teams to implement best practices for CIAM in JLL’s online products
Benefits
- 401(k) plan with matching company contributions
- Comprehensive Medical, Dental & Vision Care
- Paid parental leave at 100% of salary
- Paid Time Off and Company Holidays
- Early access to earned wages through Daily Pay
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Principal
Education Level
No Education Listed
