Senior Security Information Engineer - Identitay Access Management

Responsible for analyzing the information security environment and developing security measures to safeguard information against accidental or unauthorized modification, destruction, or disclosure. Confer as required with management, development personnel, risk assessment staff, auditors, facilities management, and other relevant personnel to identify and implement security plans for data, software applications, hardware, telecommunications, and computer installations. Function as technical lead for design, operations and maintenance for a critical security system(s) such as intrusion detection systems, forensics systems, firewall software and operating platforms or extranet/intranet access management systems.

Essential Duties and Responsibilities – (Key Activities)

● Research, evaluate, design, test, recommend and plan implementation of new or improved information security software or devices: analyze new or enhanced software application or tool implementations for implications to existing security software and devices.

● Ensure the protection, integrity, confidentiality, and availability of information in the custody of or processed by the Company by: respond in a timely manner to a loss or misuse of information assets; participate in investigations of suspected information security misuse or in compliance reviews as requested by auditors; communicate unresolved security exposures, misuse or noncompliance situations to management.

● Research and consult with key technology suppliers and industry consultants to evaluate, select, install, and configure hardware and software systems that provide appropriate security functions.

● Assist resource owners and IT staff in understanding and responding to security audit failures reported by internal and external auditing departments.

● Review operation logs and event console activity to determine cause of security related events or to identify potential security related events.

● Provide technical consultation in new systems development and enhancement of existing systems related to system security.

● Aid in review of security policies and guide the administration of security tools that control and monitor information security, including: access control, alert on and investigating potential misuse or breaches, design computer system access and reports to limit risk and identify possible security violations, document data privacy and protection.

• Participate in business process evaluation/improvement activities, requirements gathering, system analysis, system design, software / hardware applicability studies and system implementation and executes projects based on these activities
• Manage schedules and plans to ensure timely completion of project deadlines.
• Partner with other IAM architects and initiatives.
• Coordinate communications with internal and external teams.

Band Level: 6

Salary range: Base plus potential bonus

QUALIFICATIONS

Education –

Bachelor's or master's degree in a relevant field of work or an equivalent combination of education and work related experience. Security certifications such as CISSP are desired.

Experience –

8 years progressive work related experience in IT, with a broad range of exposure to business planning, systems analysis, application development, and information security with mastery of technical and business knowledge and understanding of multiple disciplines/process related to the position. Typically leads/mentors less experienced staff of complex projects in area of expertise.

Technical Skills and Knowledge –

Specific technical knowledge of security technologies related to the following areas:

Advanced knowledge and understanding of IT Security and Identity & Access Management principles, policies, technical solutions and best practices, such as:

o Identity Lifecycle Management, Access Management, Federation, Access Governance, Role mining, Strong Authentication and Privileged Account / Access Management

o Security operations, incident response, and risk management.

Provide thought leadership and drive technology aspects of solution architecture design, implementation, and modification activities as it related to and access management.

Ensure all technical aspects of architecture definition (solution design and analysis work) are documented and stored per enterprise standards

Experience and technical leadership with Identity and Access Management solutions and advanced level knowledge of IAM tool like Sailpoint, CA Siteminder, CyberArk, RSA Secure ID , Avatier and Bomgar

Design, monitor and maintain enterprise wide Privileged Identity and Access Management solution, multifactor/advanced authentication access, remote access, and password management.

Evaluate existing PIM/PAM configuration and lead the collection of business requirements and the design / development and provide an optimal architecture and develop roadmaps within the PIM/PAM space

Design and deliver RSA SecurID - ensure the success of major infrastructure upgrade projects for internal and external SecureID environments.

Experience with directory services like LDAP, virtual directories and meta directory technologies. Hands on experience with Radiant Logic and Active Directory preferred

Hands on experience with Advanced, Risk based, adaptive, Multifactor authentication and protocols

Familiarity with ADFS, Kerberos, NTLM, OAuth, SAML, OpenID Connect, Radius and other authentication methods.

Skilled in Active Directory concepts, including users, computers, groups, policies

Experience with web development and scripting languages (Java, Perl, Python, PowerShell, etc.)

Code/Customize the IAM product when needed and provide guidance and mentor junior resources and contractors

CISSP or similar security certification will be a plus

Unix/Linux server administration experience and demonstrated understanding of Unix LDAP bridging technology.

● Demonstrated knowledge of risk assessment procedures, policy formation, role-based authorization methodologies, authentication technologies, and security attack pathologies.

● Demonstrated project execution experience in planning, development and implementation.

● Demonstrated experience in data administration and security methods, plus experience in various technology design techniques.

● Demonstrated project management experience in organizing, planning and executing large-scale projects from conception through implementation.

● Demonstrated effective verbal and written communication skills for the purpose of providing information to clients, vendors, senior management and staff.

● Demonstrated knowledge of multi-platform environments and their operational/security considerations.

● Demonstrated effective verbal and written communication skills for the purpose of providing information to clients, vendors, senior management and staff.

.

In return we'll give you a competitive financial and benefits package which includes healthcare

and dental coverage, disability and life insurance, and a matched 401(k) program. Hotel discounts

worldwide are available as well as the chance to work with a great team of people. Most

importantly, we'll give you the room to be yourself.

So what's your passion? Please get in touch and tell us how you could bring your individual skills

to IHG by clicking "Apply Online".

IHG is an equal opportunity employer: Minorities / Females / Disabled / Veterans