View All Jobs at Esr healthcare
Refer a Friend
Why join Esr healthcare
esrhealthcare.com.mysmartjobboard.com
Job Description
Iam security architect Tampa dallas
Experience level: Associate Experience required: 10 Years Education level: Bachelor’s degree Job function: Information Technology Industry: Financial Services Pay rate : $85 per hour Total position: 1 Relocation assistance: No
Business Unit Description
Mission – Drive efficient and effective security capabilities through innovative thought leadership with a security first mindset which advances mission to protect & shape the financial markets.
Vision - A strong adaptive cybersecurity environment that continuously secures & protects and its services to the financial industry.
Purpose - Cybersecurity Architecture is a core pillar of Architecture and Enterprise Services within the Information Technology (IT) business unit. The team is responsible for designing architecture solutions for information security functions and publish reusable security patterns.
Position Summary
The primary focus areas for this position are the following:
• Produce security architecture deliverables as part of customer identity and access management (CIAM) initiative.
• Partner with IT teams to design, test and deliver architectures to enable ID Federation/SSO.
• Proactively identify security gaps, propose solutions, and work with implementation team to deploy solutions.
• Innovate and solve complex issues, build reusable security patterns for IAM domain.
Your Responsibilities
• Participate in discovery workshops to understand Customer Identity & Access Management needs and provide best practice recommendations to meet various CIAM use cases. Develop design and architectural diagrams that clearly communicate the proposed solution and flows
• Actively participate in the cross-functional team meetings, developing project plans, implementation, testing, pre / post go-live activities, risk management and issue management.
• Architect solutions utilizing Ping Identity Products and similar IAM products, such as IGA tools, Virtual Directory, PAM and Secret Management solutions.
• Evaluate current IAM related security controls (on-premises and cloud), identify improvements, and build plans into the application security capability roadmap for implementation
• Build authentication & access management security patterns (standardizing authentication/authorization flows, single-sign-on/MFA, provisioning, user behavior analytics, access governance system controls, privileged/secrets mgt) and designs as part of initiatives to modernize the access management security posture.
• Maintain professional and technical process knowledge by keeping abreast of the changing security landscape within the technology industry and changes in cybersecurity frameworks
• Align risk and control processes into day-to-day responsibilities to monitor and mitigate risk; escalates appropriately
Leadership Competencies for this level include
• Feedback: Seeks feedback from others, provides feedback to others in support of their development, and is open and honest while dealing constructively with criticism.
• Delegating: Effectively manages tasks and people, taking a practical approach to determine the most effective method of execution while respecting others’ expertise and considering others’ feelings and working styles.
• Inclusive Leadership: Values individuals and embraces diversity by integrating differences and promoting diversity and inclusion across teams and functions.
• Coaching: Understands and anticipates people's needs, skills, and abilities, in order to coach, motivate and empower them for success.
Qualifications
• 3-5 years of related experience
• Bachelor’s degree preferred
Specific Skills & Technologies
• Strong cybersecurity experience is required in designing and implementing IAM solutions using products like PingIdentity, PlainID, SailPoint, RadiantLogic and Apigee etc.
• Experience and in-dept understanding of IAM security protocols & technologies (Eg: SAML, OAuth, OIDC, RACF, LDAP, ID Federation, SSO, MFA, UEBA) is required.
• Integration experience of Ping Identity or similar products with z/OS RACF, AD/AAD, LDAP and other IdPs for SSO with phishing-resistant MFA is required.
• Strong understanding with some experience is required in designing / implementing fine-grained Policy Based Access Control & Dynamic Authorization using products like PlainID, PingAuthorize and/or Axiomatics.
• Strong knowledge of Information Security frameworks (e.g., ISO 27001, CIS, MITRE ATT&K and NIST) & security architecture frameworks is required.
• Knowledge of identity threat Analytics, Detection and Response is required.
• Experience in OS security (Windows, Linux), Network security (Firewall, Proxy, WAF) and RDMS is preferred
• Strong communication skills with the ability to present in front of large audience.
Skills