This role, Staff Security Engineer- Identity & Access Management, performs the necessary leadership, facilitation, analysis, and design tasks related to the development of an enterprise Identity &Access Management infrastructure.
- Develop an IAM strategy, implementation roadmap and architectural blueprint across on premise, cloud, and mobile systems
- Design and the IAM space by aligning business requirements and IT strategies, detecting deficiencies, and recommending solutions for continuous improvement.
- Design and implement solutions for securely integrating IAM infrastructures for potential M&A
- Hands on experience in implementing enterprise level IAM solutions
- Document, recommend and review capital projects (for example, business requirements, architectural design and build/operate artifacts).
- Oversee and facilitate the evaluation, selection and design of IAM products and services in-line with industry standards and regulatory compliance.
- Work with information security leadership and cross-functional teams to develop strategies and plans to enforce security requirements and address identified risks.
The Staff Systems Engineer develops, maintains, and supports The Home Depot's technical infrastructure that includes network, hardware, database, and system software components. The Staff Systems Engineer is responsible for collaborating with and enabling product teams with infrastructure. Staff Systems Engineers are expected to leverage tooling and custom applications to monitor and optimize performance. Staff Systems Engineers lead the stand up of physical and virtual infrastructure to meet evolving enterprise and product team needs. In addition, Staff Systems Engineers may lead the selection and rollout of field and corporate technology. As a Staff Systems Engineer, you will be a core player that participates and leads multiple efforts simultaneously. You are expected to build and grow the skillsets of more junior Engineers on the team.MAJOR TASKS, RESPONSIBILITES AND KEY ACCOUNTABILITIES
20% - Strategy & Planning:
Researches and analyzes business trends and behavioral data to identify opportunities for improvements and new initiatives
Leads the evaluation, development, and recommendation of specific technology products and platforms to provide cost-effective solutions that meet business and technology requirements
Researches and designs best fit infrastructure, network, database, and security architectures for products
Proactively creates and maintains tools for monitoring and support
Participates in project planning and management across multiple efforts
Develops formal training courses
30% - Delivery & Execution:
Leads configuration, debugging, and support for infrastructure
Leads field and corporate roll-outs of technology
Leads the stand up of necessary system software, hardware, and equipment (physical or virtual) to meet changing infrastructure needs
Creates and optimizes specifications for technology solutions
Produces and manages purchase requests for hardware and software
40% - Support & Enablement:
Collaborates with product and project teams to understand needs and enable them with infrastructure
Supports technology architecture design review efforts for project and product teams
Leverages tooling and custom applications to monitor the operational status of applications, infrastructure, networks, databases, and security; optimizes and tunes performance as appropriate
Drives root cause analysis, debugging, support, and post-mortem analysis for security incidents and service interruptions
Maintains, upgrades, and supports existing systems and infrastructure to ensure operational stability
Acts as a vendor liaison, owning resourcing, issue management, and documentation
Leads the production of in-house documentation around solutions
Monitors tools and proactively helps teams struggling with systems issues
Provides application support for software running in production
Creates scripts and tools that drive automation and enable product teams and end users to move towards self service
Acts as a mentor to more junior Systems Engineers
10% - Learning:
Keeps abreast of innovations and industry trends as well as changes to internal systems and determines how they impacts tools, training, and support necessary to keep systems up, running, and secure
Participates in and contributes to learning activities around modern systems engineering core practices (communities of practice)
Proactively views articles, tutorials, and videos to learn about new technologies and best practices being used within other technology organizationsNATURE AND SCOPE
Typically reports to the Systems Engineer Manager or Sr. Manager.
ENVIRONMENTAL JOB REQUIREMENTSEnvironment:
Located in a comfortable indoor area. Any unpleasant conditions would be infrequent and not objectionable.Travel:
Typically requires overnight travel less than 10% of the time.Additional Environmental Job Requirements: MINIMUM QUALIFICATIONS
Must be eighteen years of age or older.
Must be legally permitted to work in the United States.
Additional Minimum Qualifications:
Must be legally permitted to work in the United States
The knowledge, skills and abilities typically acquired through the completion of a bachelor's degree program or equivalent degree in a field of study related to the job.
Years of Relevant Work Experience:
Most of the time is spent sitting in a comfortable position and there is frequent opportunity to move about. On rare occasions there may be a need to move or lift light articles.
Additional Qualifications:Preferred Qualifications:
Knowledge of Single Sign On Federation products using SAML 2.0 and Oauth technology. Products such as (PING Federate, Microsoft ADFS, etc.)
Experience with RSA secureID for 2 factor authentication.
Working knowledge of Identity and Access Management package solutions - Oracle, IBM, CyberArk
Knowledge of Dell/Quest toolset (ARS, RMAD, etc.).
Experience integrating directories for access management and SSO.
Experience in troubleshooting of complex enterprise-architected systems on multiple platforms
Ability to deploy Highly Available and Robust infrastructure
Knowledge of evaluating performance and tuning LDAP environments
Experience utilizing security best-practices to tighten access to LDAP resources and Identity and Access Management Solutions. Strong Windows system administration and deep understanding of Windows security. Information Security experience particularly with Identity and Access Management.
Extensive knowledge of Active Directory and LDAP protocol
Working knowledge of Identity and Access Management technologies - SSO, Web Access Management, Entitlement/Certification Management, Federation, Directory Services, Password Management, Provisioning and Job Role ManagementKnowledge, Skills, Abilities and Competencies:
Cultivates Innovation: Creating new and better ways for the organization to be successful
Action Oriented: Taking on new opportunities and tough challenges with a sense of urgency, high energy, and enthusiasm
Business Insight: Applying knowledge of business and the marketplace to advance the organization s goals
Collaborates: Building partnerships and working collaboratively with others to meet shared objectives
Communicates Effectively: Developing and delivering multi-mode communications that convey a clear understanding of the unique needs of different audiences
Drives Results: Consistently achieving results, even under tough circumstances
Global Perspective: Taking a broad view when approaching issues; using a global lens
Interpersonal Savvy: Relating openly and comfortably with diverse groups of people
Manages Ambiguity: Operating effectively, even when things are not certain or the way forward is not clear
Optimizes Work Processes: Knowing the most effective and efficient processes to get things done, with a focus on continuous improvement
Self-Development: Actively seeing new ways to grow and be challenged, using both formal and informal development channels
Situational Adaptability: Adapting approach and demeanor in real time to match the shifting demands of different situations
Associated topics: cybersecurity, forensic, iam, idm, information technology security, malicious, security engineer, security officer, violation, vulnerability