RIT Solutions, Inc.
Information Security Engineer (Okta, SailPoint)
RIT Solutions, Inc., Germantown, Tennessee, United States, 38138
Job Title: Information Security Engineer (Okta, SailPoint)Client: Confidential DIRECT Client (NO LAYERS) - Domain is HealthcareLocation: Memphis, TN (Hybrid Onsite: 3 days onsite, 2 days remote, Tues. & Wed. Required Onsite)Duration: 18 Months + Extensions (Long term contract)
Number of Openings: 1
NOTE: The Information Security Engineer will be a part of the Enterprise Identity team, focused to mature the program using both Okta (IAM) and SailPoint (governance).This position will work within a team of professionals to tackle key initiatives such as automating mover, joiner, leaver activities and streamline the user experience.Proficiency in OTKA REQUIREDSailPoint a BIG plus
Top Skills Required to Be Successful in this Role
Identity management and governanceSystem and network security engineering backgroundHighly technical and analytical expertise, with a proven deep background (preferred 5+ years IT experience in addition to cybersecurity) in technology, design, implementation, and delivery
ESSENTIAL JOB FUNCTIONS
Responsible for implementing, maintaining, monitoring and managing secure solutions. The engineer delivers these solutions in accordance with the organization's architectural designs, best practices, and regulatory or compliance requirements. Reporting to the Director Information Security and is expected to contribute to the corporate security strategy with security leadership and other senior security technologists.
Recipients of the engineer's implementations and management include infrastructure, application development, security operations, security audit and end users.
With an emphasis on securing systems, applications, third-party connections, service providers and ancillary systems, the Information Security Engineer is responsible for securing business-to-business initiatives, third-party relationships, outsourced solutions and vendors. Considered a highly knowledgeable individual, the Information Security Engineer is expected to implement, monitor and manage secure solutions that address modern day issues.Handle day-to-day implementation, monitoring and operational support of hardware, software, customer applications, managed solutions and service provider relationships.Actively participate and lead security team meetings that facilitate secure design.Engage in information security projects that evaluate existing security infrastructure and propose changes as defined by security leadership and architects. Additionally, deliver projects on time, within budget and in accordance with service level agreements (SLAs).Assist with incident response and system stability issues as they occur. This may include involvement outside of regular work hours, and responsiveness is expected.Work in tandem with architects, the security operations center (SOC), incident responders (in cases of anomalous activity and host compromise), and technology infrastructure and development team members.Respond to and handle service and escalation tickets within SLA expectations.Develop security test plans from architectural design. Identify deficiencies and make enhancements to ensure production is not impacted.Follow security engineering fundamentals and processes as outlined in standard frameworksInfluence the planning and execution of incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention).Focus on driving security efficiencies, enabling security team members to work on more advanced tasks.Conduct performance testing to stress the limitations of security solutions while at the same time ensuring business innovation and day-to-day processes are not negatively impacted.REQUIREMENTS
Bachelor's degree in computer science, information assurance, MIS or related field, or equivalent.Preferred (not required):
CISSP, CISM and/or SANS certification a plus.Preferably at least 7+ years' experience in cybersecurity, including compliance and risk management with a system and network security engineering background.Highly technical and analytical expertise, with a proven deep background (preferred 5+ years' ITS experience in addition to cybersecurity) in technology design, implementation and delivery.Experience with purple teaming (red and blue) to train, identify and remediate issues cohesively.Experience in cloud computing technologies, including software-, infrastructure and platform-as-a-service, as well as public, private, and hybrid environments.Extensive knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), public key infrastructure (PKI), identity and access management (IDAM) systems, antivirus and firewalls, in addition to newer offerings such as endpoint detection and response (EDR), threat intelligence platforms, security automation and orchestration, deception technologies and application controls.Skilled in meeting vulnerability and penetration testing requirements.Excellence in communicating business risk from cybersecurity issues.Experience managing SIEM systems, threat intelligence platforms, security automation and orchestration solutions, IDS/IPS, file integrity monitoring (FIM), data loss prevention (DLP) and other network and system monitoring tools.Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.
ADDITONAL DETAILS
We are looking for at least mid-level engineers.Top Skills Required to Be Successful in this RoleIdentity management and governanceSystem and network security engineering backgroundHighly technical and analytical expertise, with a proven deep background (preferred 5+ years ITS experience in addition to cybersecurity) in technology, design, implementation, and delivery
What does the ideal candidate look like ? Active participant and lead from their seat to mature the enterprise identity program. Strong emphasis on enterprise identity management and governance. Works well with the identity team and Information Security department. Able to communicate business risk from cybersecurity issues. Experience with SIEM, threat Client platforms, SOAR, IPS/IDS, FIM, DLP, and other network and system monitoring tools. Track record of acting with integrity, taking pride in work, seeking to excel, eager to learn, being curious and adaptable, and communicating effectively.Daily job duties or assignments this contractor would complete.Daily Identity team queue operational workProject roadmap work for identity teamMeet with our customers (workforce) to understand their needs and engineer solutions accordingly.Support additional efforts in the Information Security department based on assignments as a resource.
Number of Openings: 1
NOTE: The Information Security Engineer will be a part of the Enterprise Identity team, focused to mature the program using both Okta (IAM) and SailPoint (governance).This position will work within a team of professionals to tackle key initiatives such as automating mover, joiner, leaver activities and streamline the user experience.Proficiency in OTKA REQUIREDSailPoint a BIG plus
Top Skills Required to Be Successful in this Role
Identity management and governanceSystem and network security engineering backgroundHighly technical and analytical expertise, with a proven deep background (preferred 5+ years IT experience in addition to cybersecurity) in technology, design, implementation, and delivery
ESSENTIAL JOB FUNCTIONS
Responsible for implementing, maintaining, monitoring and managing secure solutions. The engineer delivers these solutions in accordance with the organization's architectural designs, best practices, and regulatory or compliance requirements. Reporting to the Director Information Security and is expected to contribute to the corporate security strategy with security leadership and other senior security technologists.
Recipients of the engineer's implementations and management include infrastructure, application development, security operations, security audit and end users.
With an emphasis on securing systems, applications, third-party connections, service providers and ancillary systems, the Information Security Engineer is responsible for securing business-to-business initiatives, third-party relationships, outsourced solutions and vendors. Considered a highly knowledgeable individual, the Information Security Engineer is expected to implement, monitor and manage secure solutions that address modern day issues.Handle day-to-day implementation, monitoring and operational support of hardware, software, customer applications, managed solutions and service provider relationships.Actively participate and lead security team meetings that facilitate secure design.Engage in information security projects that evaluate existing security infrastructure and propose changes as defined by security leadership and architects. Additionally, deliver projects on time, within budget and in accordance with service level agreements (SLAs).Assist with incident response and system stability issues as they occur. This may include involvement outside of regular work hours, and responsiveness is expected.Work in tandem with architects, the security operations center (SOC), incident responders (in cases of anomalous activity and host compromise), and technology infrastructure and development team members.Respond to and handle service and escalation tickets within SLA expectations.Develop security test plans from architectural design. Identify deficiencies and make enhancements to ensure production is not impacted.Follow security engineering fundamentals and processes as outlined in standard frameworksInfluence the planning and execution of incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention).Focus on driving security efficiencies, enabling security team members to work on more advanced tasks.Conduct performance testing to stress the limitations of security solutions while at the same time ensuring business innovation and day-to-day processes are not negatively impacted.REQUIREMENTS
Bachelor's degree in computer science, information assurance, MIS or related field, or equivalent.Preferred (not required):
CISSP, CISM and/or SANS certification a plus.Preferably at least 7+ years' experience in cybersecurity, including compliance and risk management with a system and network security engineering background.Highly technical and analytical expertise, with a proven deep background (preferred 5+ years' ITS experience in addition to cybersecurity) in technology design, implementation and delivery.Experience with purple teaming (red and blue) to train, identify and remediate issues cohesively.Experience in cloud computing technologies, including software-, infrastructure and platform-as-a-service, as well as public, private, and hybrid environments.Extensive knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), public key infrastructure (PKI), identity and access management (IDAM) systems, antivirus and firewalls, in addition to newer offerings such as endpoint detection and response (EDR), threat intelligence platforms, security automation and orchestration, deception technologies and application controls.Skilled in meeting vulnerability and penetration testing requirements.Excellence in communicating business risk from cybersecurity issues.Experience managing SIEM systems, threat intelligence platforms, security automation and orchestration solutions, IDS/IPS, file integrity monitoring (FIM), data loss prevention (DLP) and other network and system monitoring tools.Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.
ADDITONAL DETAILS
We are looking for at least mid-level engineers.Top Skills Required to Be Successful in this RoleIdentity management and governanceSystem and network security engineering backgroundHighly technical and analytical expertise, with a proven deep background (preferred 5+ years ITS experience in addition to cybersecurity) in technology, design, implementation, and delivery
What does the ideal candidate look like ? Active participant and lead from their seat to mature the enterprise identity program. Strong emphasis on enterprise identity management and governance. Works well with the identity team and Information Security department. Able to communicate business risk from cybersecurity issues. Experience with SIEM, threat Client platforms, SOAR, IPS/IDS, FIM, DLP, and other network and system monitoring tools. Track record of acting with integrity, taking pride in work, seeking to excel, eager to learn, being curious and adaptable, and communicating effectively.Daily job duties or assignments this contractor would complete.Daily Identity team queue operational workProject roadmap work for identity teamMeet with our customers (workforce) to understand their needs and engineer solutions accordingly.Support additional efforts in the Information Security department based on assignments as a resource.