IS Security Lead Architect IAM 130-165K +Bonus The IS Security Lead Architect is part of the security team that ensures all Enterprise technology solutions are implemented and maintained in accordance with security best practices and organizational requirements. The team will advocate, design, and implement processes and technology relating to risk and access control across the Enterprise organization collaborates with the Information Risk group and Audit Group to identify prioritize risk components, technology audits and compliance issues. The team owns the Security Incident Response process and the Security Risk Management Program. For this position, we are looking for an Architect who is focused on Identity and Access Management (IAM). This individual is responsible for design and development of security solutions across the enterprise especially related to all aspects of IAM Active Directory, LDAP, Privileged ID Management, Federation, Single Sign-On (SSO), Authentication technologies (SAML, OAuth, OpenID, Multi-Factor authentication (MFA), etc.), and architecting IAM solutions and systems to facilitate User Life-Cycle Management, Identity and Access Governance, Automated Provisioning. The individual will facilitate and gather requirements from our clients and partners, and provide security solutions to meet their needs while aligning with Company strategies, policies, standards, and procedures. Experience architecting on premise IAM solutions integrating with services in Microsoft O365, Microsoft Azure, Amazon Web Services (AWS) and, preferably, other cloud providers is desired. This individual must be able to bring together key tenets of Information Security to the IAM cloud strategies and develop technical security solutions that properly align. The individual in this role must be able to understand, interpret, and explain identity and access management strategies and direction. The Architect will contribute to the development of the IAM direction for the organization and drive IAM standards adoption. Essential Duties and Key Responsibilities Review and act upon vulnerability scans, IDS alerts, SIEM Alerts, and other security logs. Ensure that security configurations of key systems are properly implemented, monitored and reported. Produce management reporting, including appropriate metrics that inform management as to the state of information risk. Recognizes and identifies potential areas where existing security policies and procedures require change, or where new ones need to be developed, especially regarding future business expansion. Ensure the IS organization is aware of their responsibilities and accountability for compliance with Security policies. Conduct risk assessments in new and existing technologies. Provide information risk management consulting to technology teams. Evaluate and recommend security softwarehardware and its application. Establishes alternative security measures if needed to support audit findings, known vulnerabilities, or disaster recovery efforts. Perform security testing for new systems. Work with the Infrastructure Manager to identify and arrange for deployment of appropriate compensating controls to address security and risk gaps. Ensure technology teams are made aware of security engineering and architecture projects that could be incorporated into business solutions. Lead security investigations and provide forensics services in responds to security incidents. Ensure compliance with local regulations e.g. local encryption regulations and privacy laws. Experience and Educational Requirements College degree in related technical business areas preferred 10-12 years relevant work experience preferred Well rounded understanding of technology, operations and key business processes. Member of SANS or other leading security organizations Strong organization skills Strong change management skills Highly flexible and able to adapt to change Strong problem solving and analytical capabilities Excellent written and verbal communication skills Strong influencing and negotiation skills Key Areas of Skill Focus Familiar with IAM related protocols such as SAML, SPML, XACML, SCIM, OpenID and OAuth. Experience working with cloud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies. Federation concepts and technologies particularly with solutions from ADFS and Ping Identity. In-depth experience with Microsoft Azure, particularly Azure AD and architecture designs connecting Azure to enterprise infrastructure Strong experience with Directories, SSO, Federation, Delegated administration, API gateways, SOA services. Familiarity with Role Based Access Control (RBAC) Knowledge and hands-on experience with the following SailPoint IdentityIQ components Lifecycle Manager, Compliance Manager and certifications, Application On-Boarding, Access Request, Automated Provisioning and Workflows. Relevant Technical Skills Information Risk Management Content filtering technologies, application firewalls, vulnerability scanners, LDAP, forensics software, security incident response, Identity Management (IdM) OS Linux (Red Hat, SUSE), Windows (2000XP2003 Server), UNIX Network Firewalls, Proxy Servers, Reverse Proxy Servers, IPS, SEIM Software Languages Perl, Shell Standards Methodology ITIL, COBIT, SOX, PCI Office Automation Word, Excel, Outlook Planning Design Microsoft Project, Visio
Associated topics: attack, forensic, idm, information assurance, information security, information technology security, malicious, security, security analyst, vulnerability
* The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.