DTG Consulting Solutions
Information Security Engineer, Systems and Identity Management
DTG Consulting Solutions, New York City, NY, United States
Job Responsibilities:
- Be part of the team responsible for engineering and implementing various security projects and for administering and monitoring various security systems.
- Collaborate with business units and corporate partners to ensure solutions are built consistent with the organization's policies, programs, architectural recommendations, and information security standards.
- Collaborate with development teams and onboard applications to the identity provider via OIDC/SAML for single sign-on.
- Build automation to streamline PAM processes such as built-in account discovery from Linux endpoints, inactive system/account management, etc.
- Enforce baseline configuration standards and security hardening on core services such as Active Directory, DNS and DHCP.
- Create security guardrails for AWS infrastructure and deploy them as infrastructure as code through Git.
- Manage simultaneous projects, take part in troubleshooting, and react to system/network security incidents.
- Understand the common types of cyber-attacks and countermeasures in the industry and engage with the business units to resolve issues within SLAs.
- Create and maintain technical process documentation (procedures and playbooks) for security systems/processes.
- Develop, build, and implement a mature and robust set of metrics and reports in Splunk/Power BI.
Required Qualifications:
- Knowledge and understanding of security engineering, system and network security, authentication and security protocols, incident management.
- Good understanding of Identity and Access Management tools such as Okta or others and experience in implementing SSO and federation standards such as SAML, OIDC and MFA.
- Develop, implement, and manage security standards and operational processes to secure the AWS platform and resources such as EC2, S3, LB, GWs, and other AWS services.
- Experience with Active Directory, DNS, DHCP, and the Windows and Linux operating systems.
- Experience with Security Information and Event Management (SIEM) platforms (Splunk, ELK), logical thinking and ability to create searches, dashboards, etc. preferred.
- Ability to communicate network security issues to peers and management.
- Thorough understanding of the latest security principles, techniques, and protocols.
- Strong critical thinking, deductive reasoning, prioritization, and problem-solving skills.
- Experience analyzing and implementing best-practice configuration standards for systems and network devices.
- Ability to manage and lead complex enterprise-wide projects and multi-task.
- Experience with preparing standards/guidelines, playbooks, and procedure documents.
- Experience with managing projects, with the skills to prioritize projects and tasks to meet deadlines.
- Automation experience in Python, PowerShell, and experience with Git for infrastructure as code management using Terraform and Terragrunt.
- Knowledge of various security domains, compliance requirements, risk management practices, and security industry standards and best practices (NIST, CSA, CIS, etc.).