Senior Technology Security Engineer (IAM)

About The Position

Requirements

• Bachelor's degree, preferably in information security, information technology, or a related field, or equivalent relevant experience
• Eight years of experience in information security, identity and access management, or related roles, including at least four years of experience in information security
• Master's degree, preferably in information security, information technology, or a related field or equivalent related experience and six years of experience in information security, identity and access management, or related roles, including at least four years of experience in information security
• Information security certifications (CISSP, CCSP, CCSK, AWS, Azure, Security+, CEH, GSEC) preferred
• Advanced knowledge of information security and privacy standards, concepts, principles, technologies, and audit practices
• Advanced knowledge of information technology including network, servers, cloud, and PKI/cryptography and identity and access management technologies
• Excellent knowledge of identity and access management concepts, principles, technologies
• Excellent ability to assess and report on information technology risks
• Strong knowledge of Linux and Windows operating systems
• Strong knowledge of secure cloud solutions within AWS, Google, and/or Azure cloud platforms
• Strong ability to perform and create automation tasks with tools (i.e., PowerShell, Python) preferred
• Experience in designing, building, and maintaining information security systems
• Excellent analytical and problem-solving abilities
• Strong verbal and written communication skills
• Excellent ability to work effectively with others at varying levels
• Excellent documentation skills
• Ability to lead moderate to highly complex technology projects

Nice To Haves

• Prior experience in the insurance industry preferred
• SailPoint File Access Manager
• CyberArk Privileged Cloud
• Atlassian BitBucket
• Atlassian Confluence
• AWS EC2, Lambda
• SharePoint

Responsibilities

• Serves as an information security subject matter expert on highly complex enterprise projects, software, and hardware enhancements.
• Identifies information security risks, provides recommendations, builds, and configures solutions, and troubleshoots issues.
• Collaborates with IT and security teams on project plans and meets with stakeholders to assess impacts and dependencies.
• Leads project activities to ensure timely deliverables and supports the establishment of a roadmap by evaluating and recommending new tools
• Leads highly complex information security projects across all security teams.
• Designs, builds, deploys, and maintains information security systems, including identity governance and access management solutions.
• Ensures the efficient operation of information security systems and resolves intricate security problems.
• Researches, evaluates, and proposes new information security solutions.
• Aligns information security systems with architectural requirements and strategies.
• Provides implementation and cost estimates for new solutions, including training requirements and system administration processes
• Collaborates with stakeholders to ensure the efficient operation of information security systems in alignment with architectural requirements and strategies
• Identifies and documents of highly complex information technology risks, assesses risk levels, recommends risk treatment, coordinates risk acceptance and remediation, and ensures appropriate remediation occurs
• Serves as the primary contact on assigned internal and third-party IT processes, risk assessments, and audits.
• Provides advice to key stakeholders on the security-relevant impact of findings
• Serves as security subject matter expert, collaborates with stakeholders, offers guidance, and serves as main security point of contact during project planning and implementation
• Leads troubleshooting sessions and knowledge transfers to resolve security issues including identity governance and access management
• Recommends solutions for aligning technology areas with future needs
• Collects and provides documentation for internal and external audits and assessments
• Documents information security systems policies, procedures, standards, needed improvements, and guidelines
• Maintains the document life cycle, including periodic reviews, updates, and approval cycles
• Oversees assigned security tools/services and vendor life cycle management
• Schedules vendor meetings to review products, services, and vendor/tool roadmaps
• Drives renewals and new purchases through the our clients vendor management and purchase process