Job Summary

This position is an experienced, senior level, hands-on technical lead, performing Identity and Access Management (IAM) functions and maintaining IAM systems, while providing technical guidance to the team.  Manages IAM technologies such authentication, authorization, and privileged access, as well as IAM policies and procedures, and incident response.  Provides technical expertise and support to clients, IT management and staff in IAM assessments, development, testing and the implementation and operation of appropriate IAM plans, procedures, and control techniques designed to prevent, minimize or quickly recover from cyber-attacks or other serious events.

Job Responsibilities

Responsibilities include:
•    Leads and manages iIAM technologies
•    Provides technical expertise in IAM assessments
•    Defines, designs, and implements IAM strategies to protect against emerging threats using IAM tools
•    Responds to security incidents
•    Performs IAM reviews on new technologies and changes to existing technologies
•    Hands-on technical lead performing IAM functions and maintaining systems, while providing technical guidance to the team.
o    Manages IAM technologies such as authentication, authorization and privlaged access tools, as well as IAM security policies and procedures, and incident response.
o    Provides IAM technical expertise and support to clients, IT management and staff in IAM assessments, development, testing and the implementation and operation of appropriate IAM security plans, procedures, and control techniques designed to prevent, minimize or quickly recover from cyber-attacks or other serious events.
 

Job Specific Qualifications

•    Bachelor’s degree in Computer Science, Information Systems, Cyber Security, Engineering or a related technical field
•    8 or more years of experience in information security or related IT experience
•    Must be able to perform as a hands-on technical lead performing IAM functions and maintaining systems, while providing technical guidance to the team.
•    Must have experience following IAM news and alerts, understands IAM attack vectors and risks, and identifies and evaluates emergent IAM security threats and vulnerabilities. Recommends appropriate corrective actions for IAM incidents and provides risk mitigation recommendations to management and team.
•    Must have experience with IAM cloud environments and can implement strong IAM security to protect cloud environments.
•    Must have experience designing IAM process flows to be implemented in security automation tools to automatically respond to threats quickly and effectively.
•    Experience reviewing complex IAM architecture design diagrams and documents for new IAM technologies and changes to existing IAM technologies to determine risks and provide recommendations and mitigations.
•    Must be able to work independently with little or no supervision.
•    Must demonstrate excellent verbal and written communication skills.
•    Must demonstrate strong leadership, technical teamwork, and interpersonal skills.
•    Must be ability and willingness to work in strong team environment, constantly teaching and      learning from other team members.
•    Ability to foster working relationships with the team, IT Management and Client departments.
•    Must demonstrate the ability to explain technical concepts to the business users in the context of business requirements.
•    Must have technical experience including: information / data / network / computer security design, administration and/or assessment.
•    Must have broad knowledge of information systems including Windows security, network security, systems development, communication networks, security software/hardware and operating systems.
•    Must have experience with key information security technologies such as SIEM, firewalls, intrusion detection/prevention systems, vulnerability assessment, encryption, identity and access control systems, anti-malware, and security event analysis.
•    Must have strong Leadership, planning and organizing skills and be results oriented
•    Must demonstrate strong interpersonal, organizational, managerial, financial management and leadership skills.

Desired:
•    Security certifications in incident response, cyber investigation, forensics, or threat hunting.
•    Programming Experience in Python

Please Note the Following: 
•    Approximately 5% Travel required
•    NERC CIP position, requires NERC CIP background investigation prior to start
 

Minimum Years of Experience

Education

Certifications

Disclaimer

Certain positions at the Company may require you to have access to Part 810-Controlled Information.  Under the law, the Company is limited in who it can share this information with and in certain circumstances it is necessary to obtain specific authorization before the Company can share this information.  Accordingly, if the position does require access to this information, you must complete a 10 CFR Part 810 Export Control Compliance Nationality Request Form, a copy of which will be provided to you by Talent Acquisition if an offer is made.  If there is a need for specific authorization, due to the time it takes to obtain authorization from the government, we will likely not be able to further proceed with an offer.