ESR Healthcare
Iam security architect Tampa dallas
ESR Healthcare, Tampa, Florida, us, 33646
Position Title:
Security Architect
Location:
Tampa/Dallas
Experience Level:
Associate
Experience Required:
10 Years
Education Level:
Bachelor’s Degree
Job Function:
Information Technology
Industry:
Financial Services
Pay Rate:
$85 per hour
Total Positions:
1
Relocation Assistance:
No
Business Unit Description
Mission:
Drive efficient and effective security capabilities through innovative thought leadership with a security-first mindset which advances DTCC’s mission to protect & shape the financial markets.
Vision:
A strong adaptive cybersecurity environment that continuously secures & protects its services to the financial industry.
Purpose:
Cybersecurity Architecture is a core pillar of Architecture and Enterprise Services within the Information Technology (IT) business unit. The team is responsible for designing architecture solutions for information security functions and publishing reusable security patterns.
Position Summary
The primary focus areas for this position include:
Produce security architecture deliverables as part of Customer Identity and Access Management (CIAM) initiative.
Partner with IT teams to design, test, and deliver architectures to enable ID Federation/SSO.
Proactively identify security gaps, propose solutions, and work with the implementation team to deploy solutions.
Innovate and solve complex issues, building reusable security patterns for IAM domain.
Your Responsibilities
Participate in discovery workshops to understand Customer Identity & Access Management needs and provide best practice recommendations to meet various CIAM use cases. Develop design and architectural diagrams that clearly communicate the proposed solution and flows.
Actively participate in cross-functional team meetings, developing project plans, implementation, testing, pre/post go-live activities, risk management, and issue management.
Architect solutions utilizing Ping Identity Products and similar IAM products, such as IGA tools, Virtual Directory, PAM, and Secret Management solutions.
Evaluate current IAM-related security controls (on-premises and cloud), identify improvements, and build plans into the application security capability roadmap for implementation.
Build authentication & access management security patterns (standardizing authentication/authorization flows, single-sign-on/MFA, provisioning, user behavior analytics, access governance system controls, privileged/secrets management) and designs as part of initiatives to modernize the DTCC access management security posture.
Maintain professional and technical process knowledge by keeping abreast of the changing security landscape within the technology industry and changes in cybersecurity frameworks.
Align risk and control processes into day-to-day responsibilities to monitor and mitigate risk; escalate appropriately.
Leadership Competencies for this Level Include:
Feedback:
Seeks feedback from others, provides feedback to others in support of their development, and is open and honest while dealing constructively with criticism.
Delegating:
Effectively manages tasks and people, taking a practical approach to determine the most effective method of execution while respecting others’ expertise and considering others’ feelings and working styles.
Inclusive Leadership:
Values individuals and embraces diversity by integrating differences and promoting diversity and inclusion across teams and functions.
Coaching:
Understands and anticipates people's needs, skills, and abilities, in order to coach, motivate and empower them for success.
Qualifications
3-5 years of related experience.
Bachelor’s degree preferred.
Specific Skills & Technologies
Strong cybersecurity experience is required in designing and implementing IAM solutions using products like PingIdentity, PlainID, SailPoint, RadiantLogic, and Apigee.
Experience and in-depth understanding of IAM security protocols & technologies (e.g., SAML, OAuth, OIDC, RACF, LDAP, ID Federation, SSO, MFA, UEBA) is required.
Integration experience of Ping Identity or similar products with z/OS RACF, AD/AAD, LDAP, and other IdPs for SSO with phishing-resistant MFA is required.
Strong understanding with some experience in designing/implementing fine-grained Policy Based Access Control & Dynamic Authorization using products like PlainID, PingAuthorize, and/or Axiomatics is required.
Strong knowledge of Information Security frameworks (e.g., ISO 27001, CIS, MITRE ATT&K, and NIST) & security architecture frameworks is required.
Knowledge of identity threat Analytics, Detection, and Response is required.
Experience in OS security (Windows, Linux), Network security (Firewall, Proxy, WAF), and RDBMS is preferred.
Strong communication skills with the ability to present in front of a large audience.
#J-18808-Ljbffr
Security Architect
Location:
Tampa/Dallas
Experience Level:
Associate
Experience Required:
10 Years
Education Level:
Bachelor’s Degree
Job Function:
Information Technology
Industry:
Financial Services
Pay Rate:
$85 per hour
Total Positions:
1
Relocation Assistance:
No
Business Unit Description
Mission:
Drive efficient and effective security capabilities through innovative thought leadership with a security-first mindset which advances DTCC’s mission to protect & shape the financial markets.
Vision:
A strong adaptive cybersecurity environment that continuously secures & protects its services to the financial industry.
Purpose:
Cybersecurity Architecture is a core pillar of Architecture and Enterprise Services within the Information Technology (IT) business unit. The team is responsible for designing architecture solutions for information security functions and publishing reusable security patterns.
Position Summary
The primary focus areas for this position include:
Produce security architecture deliverables as part of Customer Identity and Access Management (CIAM) initiative.
Partner with IT teams to design, test, and deliver architectures to enable ID Federation/SSO.
Proactively identify security gaps, propose solutions, and work with the implementation team to deploy solutions.
Innovate and solve complex issues, building reusable security patterns for IAM domain.
Your Responsibilities
Participate in discovery workshops to understand Customer Identity & Access Management needs and provide best practice recommendations to meet various CIAM use cases. Develop design and architectural diagrams that clearly communicate the proposed solution and flows.
Actively participate in cross-functional team meetings, developing project plans, implementation, testing, pre/post go-live activities, risk management, and issue management.
Architect solutions utilizing Ping Identity Products and similar IAM products, such as IGA tools, Virtual Directory, PAM, and Secret Management solutions.
Evaluate current IAM-related security controls (on-premises and cloud), identify improvements, and build plans into the application security capability roadmap for implementation.
Build authentication & access management security patterns (standardizing authentication/authorization flows, single-sign-on/MFA, provisioning, user behavior analytics, access governance system controls, privileged/secrets management) and designs as part of initiatives to modernize the DTCC access management security posture.
Maintain professional and technical process knowledge by keeping abreast of the changing security landscape within the technology industry and changes in cybersecurity frameworks.
Align risk and control processes into day-to-day responsibilities to monitor and mitigate risk; escalate appropriately.
Leadership Competencies for this Level Include:
Feedback:
Seeks feedback from others, provides feedback to others in support of their development, and is open and honest while dealing constructively with criticism.
Delegating:
Effectively manages tasks and people, taking a practical approach to determine the most effective method of execution while respecting others’ expertise and considering others’ feelings and working styles.
Inclusive Leadership:
Values individuals and embraces diversity by integrating differences and promoting diversity and inclusion across teams and functions.
Coaching:
Understands and anticipates people's needs, skills, and abilities, in order to coach, motivate and empower them for success.
Qualifications
3-5 years of related experience.
Bachelor’s degree preferred.
Specific Skills & Technologies
Strong cybersecurity experience is required in designing and implementing IAM solutions using products like PingIdentity, PlainID, SailPoint, RadiantLogic, and Apigee.
Experience and in-depth understanding of IAM security protocols & technologies (e.g., SAML, OAuth, OIDC, RACF, LDAP, ID Federation, SSO, MFA, UEBA) is required.
Integration experience of Ping Identity or similar products with z/OS RACF, AD/AAD, LDAP, and other IdPs for SSO with phishing-resistant MFA is required.
Strong understanding with some experience in designing/implementing fine-grained Policy Based Access Control & Dynamic Authorization using products like PlainID, PingAuthorize, and/or Axiomatics is required.
Strong knowledge of Information Security frameworks (e.g., ISO 27001, CIS, MITRE ATT&K, and NIST) & security architecture frameworks is required.
Knowledge of identity threat Analytics, Detection, and Response is required.
Experience in OS security (Windows, Linux), Network security (Firewall, Proxy, WAF), and RDBMS is preferred.
Strong communication skills with the ability to present in front of a large audience.
#J-18808-Ljbffr