Identity Specialist, Information Security Eng

Information Security Engineer (Identity & Access Management Specialist) -- Hybrid
Please note that this role requires proof of vaccination or qualified exemption per the required criteria if not vaccinated.

Safe-Guard Products provides products and solutions to the motor vehicle industry that drive customer retention and protect consumers from the perils of vehicle ownership. We believe in innovation, collaboration and diversity and inclusion. Safe-Guard offers Competitive Benefits and career path.

Position Overview: Information Security Engineer (Identity & Access Management IDAM Specialist)

The security engineer is responsible for implementing, maintaining, monitoring and managing secure solutions. The engineer delivers these solutions in accordance with the organization's architectural designs, best practices, and regulatory or compliance requirements. As risks change, the security engineer is responsible for recommending modifications and enhancements to ensure the organization is evolving with the threat landscape.

The security engineer is expected to contribute to the corporate security strategy with security leadership and other senior security staffers and technologists. Recipients of the engineer's implementations and management include IT infrastructure, application development, security operations, security audit and end users. With an emphasis on securing systems, applications, cloud solutions, third-party connections, service providers and ancillary systems, the security engineer is responsible for securing business-to-business initiatives, third-party relationships, outsourced solutions and vendors. Considered a highly knowledgeable individual, the security engineer is expected to implement, monitor and manage secure solutions that address modern day issues.

Essential Functions:

The Information Security Engineer (IDAM Specialist) will provide security expertise for critical operations. This position will work closely with system and software engineers to design and implement systems that are secure in their implementation while still accomplishing their mission. This position will design and implement identity solutions for the enterprise, partners and applications, including centralized directory and SSO integrations. This role will also design and implement Privileged Access Management (PAM) solution(s) to manage the lifecycle of privileged credentials, broker least privilege access, manage encryption keys and certificates and ensure secure secrets handling with applications.

• Handle day-to-day implementation, monitoring and operational support of platform, software, customer applications, managed solutions and service provider relationships.
• Development experience with one or more programming languages (Java, Python, Shell, etc)
• Extensive knowledge of authorization flows (Client credentials, Authorization code, PXCE, etc)
• Actively participate and lead development team meetings that facilitate secure design.
• Engage in identity and access management (IDAM) projects that evaluate existing architecture and design and propose changes as defined by security leadership and architects. Additionally, deliver projects on time, within budget and in accordance with service level agreements (SLAs).
• Assist with incident response and system stability issues as they occur. This may include involvement outside of regular work hours, and responsiveness is expected.
• Work in tandem with architects, developers, system administrators (in cases of anomalous activity and host compromise), and technology infrastructure and development team members.
• Respond to and handle service and escalation tickets within SLA expectations.
• Develop security test plans from architectural design. Identify deficiencies and make enhancements to ensure production is not impacted.
• Participate regularly in change project and change management meetings.
• Research, validate and deploy solutions meeting security and business needs.
• Follow security engineering fundamentals and processes as outlined in NIST 800-160
• Focus on driving security efficiencies, create automation enabling security team members to work on more advanced tasks.
• Write custom RegEx expressions to improve detection in vulnerability scans
• Implement solutions observing compliance - Gramm-Leach-Bliley Act (GLBA), Payment Card Industry (PCI), etc. - and privacy laws.
• Perform other duties as assigned.

Qualifications:

• Highly technical and analytical, with a proven deep background in IDAM technology design, implementation and delivery.
• Extensive knowledge of SSO, MFA, IdP, public key infrastructure (PKI), privileged accounts and integration application program interface (API) capabilities.
• Highly technical and analytical expertise, with a proven deep background (preferred 5+ years' IT experience in addition to cybersecurity) in technology design, implementation and delivery.
• Experience in cloud computing technologies, including software-, infrastructure- and platform-as-a-service, as well as public, private, and hybrid environments.
• Skilled in meeting vulnerability and penetration testing requirements.
• Excellence in communicating business risk from cybersecurity issues.
• Experience utilizing SIEM systems, threat intelligence platforms, security automation and orchestration solutions, data loss prevention (DLP) and other network and system monitoring tools.
• Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.

• Ability to execute in a fast paced, high demand, environment while balancing multiple priorities
• Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), SANS certification(s), or Web Application Penetration Tester (WAPT) certification, Certification Identity and Access Manager (CIAM)
• Experience with security technology product evaluation, proof of concepts and testing.

Safe-Guard Products International is an equal opportunity employer and gives consideration for employment to qualified applicants without regard to age, race, color, religion, creed, sex, sexual orientation, gender identity or expression, national origin, marital status, disability or protected veteran status, or any other status or characteristic protected by federal, state, or local law.