5 months ago
In addition to the job description, the Sr Information Security Architect & Engineer will provide information security thought and technical leadership for Identity and Access Management solutions.
Candidates must have experience designing, implementing, and supporting one or more of the following:
1. Reverse proxy services, including the connectivity and authentication of complex web-services in an infrastructure designed for high availability.
2. Identity federation, leveraging protocols including SAML and OAuth/OpenID Connect.
3. Enterprise Single Sign-On (SSO), automating thick client and browser-based authentication on endpoints.
4. Multi-factor authentication for internal and external user communities.
Candidates must possess a strong working knowledge of Linux operating systems.
1. Linux operating systems, including patching and hardening. SUSE Linux Enterprise Server (SLES) is preferred.
2. LDAP. Proficiency in search syntax and reading traces to Active Directory and/or eDirectory is preferred.
3. Scripting. Automate reporting and common administrative functions through PERL, BASH and/or similar scripting languages is preferred.
4. Public Key Infrastructure (PKI), including concepts, best practices, and common vulnerabilities is preferred.
Basic familiarity in identity life-cycle management, Privileged Access Management (PAM), SIEM, User and Endpoint Behavior Analytics (UEBA) as well as common troubleshooting utilities (tcpdump/Wireshark/Fiddler) is preferred.
Exposure to NetIQ / Micro Focus security products is preferred.
Education and Experience Requirements:
Bachelors degree in Information Technology, Computer Science, Engineering or relevant curriculum; or equivalent combination of education and experience sufficient to successfully perform the essential functions of the job. A minimum of twelve (12) years experience as an IT professional with broad experience across multiple IT disciplines. See Other Requirements in description
Provides general supervision to a diverse team of system analysts and designers who define and implement secure IT application solutions. Provides subject matter expertise in the development and deployment of secure systems, methodologies, standards and processes that support the application development life cycle and support functions.
Principal Duties and Responsibilities:
Essential Functions: 1. Creates application security architectures and designs and configures complex enterprise applications based on the business requirements and security best practices. 2. Leads in the documentation of the desired security future state of application architecture, and documents the gaps between current and future states. Defines and tracks progress for mitigation plans to close the security gaps. 3. Makes IT solution recommendations that have an important impact on all segments of the business. 4. Develops high-level view of current and proposed IT architectures. 5. Serves as technical expert in security for the applications portfolio. 6. Assures that solution designs meet requirements for security and quality in accordance with negotiated service level agreements. 7. Under minimal direction, plans and conducts research in application security technologies in support of business objectives. 8. Teams provide the assessment of software security and coding defects discovered during the SDLC process. 9. Works with software designers, QA engineers, technical writers, configuration management and infrastructure, as needed, to ensure quality, security, and the successful implementation of new applications or features. 10. Assists project management with the development of work breakdown structures and project plans required to implement applications. 11. Participates in design reviews for implementation projects. 12. Assists IT and Business groups in the evolution of technology and business roadmaps. 13. Conducts technical evaluations and performs cost/benefit analysis. 14. Assists in the development of the disaster recovery strategy.
Additional Functions: 1. Serves as liaison with suppliers. 2. Assists with evaluation and recommendations regarding purchased software packages, and supporting services. 3. Supports management in recruiting, hiring and career development 4. Using knowledge of technology and existing systems, mentors junior staff and IT applications staff in the security functions to build and maintain application systems. 5. Performs other duties as assigned A credit history check from a national credit bureau will be conducted for all candidates for this position including new hires and current employees seeking promotion or transfer.
Other Requirements: 1. IT Infrastructure Library (ITIL) exposure is highly preferred 2. Certified Secure Software Lifecycle Professional (CSSLP) or Certified Information Systems Security Professional (CISSP) is a plus. 3. Solid understanding of system lifecycle methodologies. 4. Experience working in teams. 5. Proficiency with an Integrated Development Environment (IDE) desired. 6. Proficiency with MS Office.
Languages Required (in addition to English): None
Requisition Number: 99481
Category: Information Systems
Percentage of Travel: Up to 25%
Employment Type: Full-time
Gulfstream does not provide work visa sponsorship for this position, unless the applicant is a currently sponsored Gulfstream employee.