Security EngineerApply Now
Location: Marlboro, Massachusetts 01701
Employment Type: Contract
Team is responsible for helping the move from ITIM to Sailpoint Lifecycle Manager and continuing to expand CyberArk
- Do not need to have Sailpoint specifically, but should have experience with some Access and Identity Management tool
- Candidates need to be able to work onsite
- Must have experience with Java, CSV file manipulation, and advanced SQL skills
• Responsible for working with the business and other IT resources implement IT Security controls by leveraging existing IAM tools
• Occasional on call support
• Assists with projects in support of the enterprise information security program
• Collaborate with sister teams and departments to properly configure security values using least privilege.
• Provides valuable input to improvement of process surrounding day to day ops and security control execution.
• Generate ad hoc and daily security reports
• Special Projects as assigned
• Performs all procedures of basic to high complexity necessary to ensure the core objectives of IT Security. Reviews and maintains security operations for large organizational units and/or complex enterprise-wide projects
• Serves as technical lead on functional teams or projects and serves as a best practice / quality resource
• Performs basic to complex security reviews to ensure compliance with internal security standards and regulatory requirements
• Interfaces with user community to understand their security needs. May implement procedures to meet user needs
• Acts as a subject matter expert for at least one area within IT Security (Provisioning, Privileged Access Management, Access Reviews, SSO, RSA tokens, etc.) to ensure that the user community understands and adheres to necessary procedures to maintain security
• Conducts accurate evaluations of the level of security required for highly complex systems. Provides management with status reports
• Performs root cause analysis of moderately complex to highly complex security issues and determines the best course of action to remedy the problem
• Performs other duties as required
• Investigates and resolves security incidents as needed
• Ensures that IT Security architecture / designs, plans, controls, processes, standards, policies, and procedures are aligned with IT standards and overall IT Security objectives
• Identifies security risks and exposures, determines the causes of security violations, designs and implements procedures to prevent and mitigate future incidents
• Able to create and execute short to medium term strategies
• Proactively Determines if an event needs to be escalated to management or outside of the unit
• May recommend new policies and procedures to management and has wide latitude to decide on the best course of action for new procedures
• Recommends course of action for low to moderately complex situations
• Must have a basic understanding of computer security concepts including access management, application security, and risk & compliance
• Knowledge of Identity and Access Governance principles
• Strong aptitude for IT Security
• Java scripting in one or more of the following environments: SailPoint, Sun Identity Manager, Oracle Identity Manager, IBM Tivoli Identity Manager
• Experience with rights and permissions on Active Directory, Mainframe ACF2, UNIX and Linux
• Knowledge with MS Office including Visio.
• Experience with SOX and PCI audits are a plus
• 5+ years of IT experience. The more years of direct Identity and Access Management experience the better, but will consider training the right candidate.
• Should have experience in one or more Identity Management disciplines, such as: Identity Lifecycle Management, Authentication, Authorization, Federation, Access Management, Access recertification, Role and Entitlement models, Directory technologies (LDAP) etc.
• Should have solid understanding of applications and system IAM architectures and best practices
• Deliver technical security configuration expertise in implementing enterprise-wide IAM ecosystem
• Act as trusted security professional with ability to provide strategic and technical direction in leading activities in computer security concepts including Identity & Access Management, Application Security, and Risk & Compliance
• Experience understanding operational and security requirements and translation of those requirements into technical IAM capabilities. We’ve a particular interest in candidates with hands-on experience with IBM Security Identity and Access Management Suite, Sailpoint IIQ, Cyber Ark
• Ability to effectively communicate and advocate key security requirements and control implementation to development team
• Must have development skills and a solid understanding of secure system development life cycle (SDLC)
• Bachelor's Degree or equivalent experience
• Relevant security industry certifications preferred including but not limited to CISSP, SSCP, and CISM etc.
• Must have an understanding of computer security concepts including Identity & Access Mgmt, Network Security, Application Security, Incident Management, or Risk & Compliance
• Must have a moderate understanding of network concepts and protocols (such as DNS, SMTP, FTP, etc.)
• Expert knowledge and understanding of information technology industry trends and emerging technologies and an ability to relate them to cyber security, the company and its objectives
• Familiar with IT Regulations, PCI / Sarbanes-Oxley / MA privacy laws
• Solid working knowledge with MS Office
Minimum Experience and Education
• 5 years in IT and/or Cyber Security environment
• Bachelor's Degree or a minimum of three years in IT at an organization with over 10,000 employees
Ovrille is responsible for full lifecycle recruiting for JVT’s clients across several industry verticals. He supports the Contract Recruiting team, and specializes in identifying temp (contractual) and temp-to-perm resources for JVT’s clients.
Can't find your fit?
We get new jobs every day. Send us your resume and we'll let you know when we have the right opportunity for you.