The cyber security architect - identity and access management security, leads and contributes to projects that involve migrating existing workloads to cloud services and building completely new architectures to support net new cloud workloads. Project technology stacks include existing legacy / On Premises software, Oracle and Azure Platform as a Service (PaaS) and Infrastructure as a service (IaaS) services, and other competitive technologies. While much of the focus of this role will revolve around identity and related cloud security technologies a large portion of the work will also involve adjacencies including privileged account management, securing and configuring tenancies, networking, encryption, and key or Certificate Management. In addition to interacting directly with customers the role involves regular work with the development organization to drive software improvements and innovations. Evaluate existing and proposed technical architectures for security risk, provide technical advice to support the design and development of secure architectures and recommend security controls to mitigate those risks. Evaluation of internal security architecture may include design assessment, risk assessment, and threat modeling. Bring advanced-level skills to research, evaluate, track, and manage cloud security threats and vulnerabilities in situations where in-depth analysis of ambiguous information is required, and where computer programming and scripting knowledge is required.
Responsibilities
- Represent the office of the Chief Security Officer in evaluating technology initiatives and projects to determine advanced cybersecurity requirements and controls necessary to comply with company policies, standards, and industry best practices.
- Engage with senior IT and business leaders and the CSO to address complex design considerations to appropriately manage risk on behalf of the company.
- Align identity and access management solutions with industry security standards and frameworks and cloud security best practices.
- Evaluate, design, and develop identity and access management security solutions to address business problems.
- Recommend changes to existing controls and systems.
- Provide creative and innovative solutions that bridge the gap between requirements and cloud capabilities.
- Participate in full solutions lifecycle including engaging with key business stakeholders to understand requirements, performing business analysis and relaying feedback to development partners to improve future offerings.
- Demonstrate flexibility and resilience in response to changing or ambiguous situations.
- Evangelize security and application solutions and controls by creating and communicating presentations both internally and externally.
- Stay current on industry trends and cloud provider capabilities.
- Maintain a rigorous connection to evolving solutions within cloud technologies.
- Support escalations from Security Operations Center Analyst team requiring identity and access management-specific expertise.
- Assist in complex forensic and investigation activities as needed.
- Provide timely and accurate cross-platform support in response to security threats that may arise that poses a risk to systems across the company's computing enterprise.
- Performs any additional responsibilities as requested or assigned.
Requirements
- Bachelor's degree in Computer Science, Information Technology or related field, or an equivalent combination of education and work experience. (Typically, four years of additional related, progressive work experience would be needed for candidates applying for this position who do not possess a Bachelor's degree. A minimum of two years additional directly related technical experience is required.)
- Minimum of six years of experience in progressively responsible information technology roles.
- Five years of experience in developing, implementing, or architecting information systems.
- Three years technical architecture experience integrating identity and access management software into cloud infrastructure and applications.
- Two years experience in managing the security aspect of cloud deployments OR deployments of at least one identity and access management product such as: Oracle OAM/OIM/OVD/OID, CA/Netegrity SiteMinder/IdentityMinder/TransactionMinder, IBM Tivoli Identity Manager and/or Access Manager, Sun Identity Manager and/or Access Manager, Ping Access and/or Ping Federate, or similar.
- Experience developing identity management strategies, architectures and implementation plans
- Experience with cloud or mobile security including: OAuth, OpenID Connect, SAML federation, Single Sign-On MFA and strong authentication.
- Experience with REST security concepts including OAuth, JSON, JWE, JWS, and JWT.
- Experience developing identity management governance plans
- Experience with one or more directories such as Active Directory, IBM Directory Server, SunONE Directory Server, and Novell e-Directory
- Excellent oral and written communication skills, including presentation skills.
- Effective interpersonal skills and customer relationship skills.
- Effective analytical, problem-solving, and decision-making skills.
- Advanced knowledge of security principles is desired through achievement of advanced security certification including CISM or CISSP.
- Experience in intelligence management, security technologies and corporate security topics.
- Knowledge of information technology terms, equipment, systems, functions and major vendors.
- Ability to obtain and maintain a government security clearance of a Secret classification or higher.
- Project management skills: ability to prioritize and handle multiple tasks and projects concurrently.
- Fluent in CICD tooling and automation capabilities.
- Understanding of current regulatory environment and related implications to identity management and security/audit compliance.
- Experience leading business requirements gathering, translating those into system requirements, and facilitating business process design.
- Experience developing identity management strategies, architectures and implementation plans. Individual should have a strong technical background and excellent problem-solving skills.
Preferences
- IP networking skills, adept at UNIX shell scripting, PERL, BASH, Powershell or Python abilities, and the ability to manipulate and massage data preferred.
- Experience with at least one of the following development environments/languages: Java / J2EE, Python, JavaScript, C#, c/C++ preferred.
Additional Information
Req Id: 105812
PacifiCorp
825 NE Multnomah
Portland
Oregon United States
www.pacificorp.com
