Desired Skills and Experience

  • Analyze and design security and compliance solutions for applications and infrastructure, and provide expertise and consulting to clients
  • Identify and document information security risks and propose mitigating controls
  • Will be responsible for understanding complex business IT needs, requirements, and project scopes, with a focus on information security and compliance requirements
  • Understand and provide guidance on the architectures and solutions to assist clients with addressing regulatory governance and compliance requirements
  • Research, identify, design, and develop new information security or compliance controls for clients
  • Provide input regarding best practices for the creation of next-generation services focused on addressing and improving clients’ governance and compliance requirements
  • Assess current IT environments and make recommendations to increase security and compliance capabilities
  • Assist clients in troubleshooting and resolving information security and compliance issues
  • Author project and support documentation and diagrams
  • Implement security and compliance solutions
  • Must have the ability to travel and work onsite at client locations (typically 50%)
  • 5+ years of hands-on experience with:

  • Identity and Access Management solutions (Ping, Okta, OneLogin)
  • Role-Based Access Control (RBAC)
  • Identity Federation (OAuth, SAML 2.0, WS-FED)
  • Privileged User Management solutions (Dome9, Centrify, CyberArk, NetIQ, Secret Store)
  • Security Logging and Monitoring solutions (SIEM) (Trend Micro, Splunk, Alert Logic); and
  • Security Vulnerability testing solutions (Nessus, AWS, CIS and OWASP audits)
  • Knowledge of Cloud Security Alliance (CSA) best practices and guidelines
  • Working experience with ISO 27001, COBIT, SOX and/or other Information Security Management frameworks
  • Demonstrated security platform design and implementation experience
  • Proven experience with application security, firewalls, IPS, vulnerability assessment and mitigation, event collection and correlation, auditing, crypto, data loss prevention
  • Excellent verbal communication, organizational, presentation and planning skills
  • Experience translating business direction into required security and/or compliance controls and collaborating from SME to C-Level
  • Bachelor’s Degree in Computer Science or other technical field
  • Experience as a hands-on technical practitioner/specialist in client facing roles in mid-size or large enterprises and demonstrated client facing consulting skills, including building strong client relationships
  • Ability to design and implement reliable, scalable, high performing web-based solutions that meet the service levels associated with mission-critical Identity and Access Management based solutions
  • Understanding of identity and IAM processes, technologies, standards and industry best practices
  • Proven ability to thrive and succeed in a dynamic, fast growing, startup environment
  • Strong consultative selling, presentation and negotiation skills
  • Ability to thrive in ambiguous/pressure situations
  • Sense of Humor!
  • Experience with security architecture frameworks in cloud-based environments (e.g., AWS, OpenStack, VMware) is strongly preferred.
  • Experience with PCI compliance, PCI Qualified Security Assessor (QSA) is a plus.
  • Obtaining Security certifications (CISSP, CISM, CISA, etc.)