As a Digital Technology & Analytics Senior Engineer, you are responsible for assisting in the development, management, administration of the RSA IdentityGovernance and Lifecycle (IGL) platform, onboarding new in-scope applications, enhancing its functionality by implementing provisioning and deprovisioning capabilities. The base technology skills require the candidate to be knowledgeable with Microsoft SQL and Oracle SQL technology, shell or Powershell scripting, light web/HTML development, and Identity Access Management (IAM) concepts. Additionally, the candidate will participate in all compliance-related activities including NIST/CMMC, SOX, and privacy. The candidate will assist in the development of all compliance analytical processes and other regulatory compliance objectives as directed. NIST compliance consists of 110 security controls many of which are derived by a functional SIEM. The successful candidate will demonstrate knowledge of SIEM use-cases that help enable NIST and future CMMC compliance.
As an IT Senior Engineer, a multi-disciplinary skillset is required. A thorough understanding of information security concepts, operational techniques, tools, penetration & vulnerability testing, conducting security assessments, and remediation is mandatory.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
- Work with business controllers, DT&A administrators, and the end-user community to ensure completeness and accuracy of compliance reviews on a timely and on-going basis
- Develop SIEM use cases to assure compliance with all standards bodies (NIST/CMMC, SOX, privacy, et al.)
- Conduct security operations as required
- All other duties as assigned
- Commitment to company values and ethics
- Dependable, personally responsible, and performs tasks accurately and completes work in a timely manner
- Motivated self-starter who maintains a positive attitude and strong work energy
- Team oriented and works harmoniously with others to get a job done, responds positively to instructions/procedures, and works well with others
- Excellent interpersonal and oral and written communication skills
- Detail orientation with strong judgment and decision-making abilities
- Plans work and carries out tasks without detailed instructions, prepares for problems or opportunities in advance, undertakes additional responsibilities
- Able to gather information and use data to determine cause and effect for complex problem solving
- Methodical and critical thinker that can anticipate and recognize second and third order consequences of any action, including risk-related decisioning concepts
- Organized, responsive and highly thorough problem solver
To perform this job successfully, the individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required.
- Technical Knowledge: working knowledge of NIST/CMMC, SOX and privacy compliance standards, CoBIT auditing framework, and technologies outlined above but also including Microsoft Office Suite, Microsoft Active Directory, and basic understanding of in-scope financial applications.
- Microsoft Windows Server, RedHat Linux, and Kali Linux
- Microsoft SQL and Oracle SQL technologies
- Microsoft Azure
- Light to moderate scripting and web/HTML development
- Identity Governance & Lifecycle or Identity Access Management (IGL & IAM) concepts
- Understanding of the process and methods of SSO (Single Sign-On) and MFA (Multi-Factor Authentication) SAML, OAuth, Azure AD, and ADFS
- SIEM technologies including log and machine data aggregation and correlation
EDUCATION and/or EXPERIENCE:
- Bachelor’s degree from four-year college or university; or eight years related experience and/or training; or equivalent combination of education and experience.
- 10 to 15 years of experience in Information Technology or Information Security/Compliance.
PHYSICAL DEMANDS/WORK ENVIRONMENT:
- The physical demands and work environment characteristics described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.
- Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- While performing the duties of this job, the employee may be regularly required to sit, stand, bend, reach and move about the facility.
- The environmental characteristic for this position is an office setting. Candidates should be able to adapt to a traditional business environment.
- Must be able to lift and carry up to 20 pounds and comply with OSHA standards.
Job: Information Technology
Primary Location: United States-Illinois-Wood Dale
Overtime Status: Exempt