Share this Job

IAM Security Domain Architect

Apply now »

Date: Dec 15, 2018

Location: LAKE FOREST, IL, US, 600455202

Company: Grainger

Job Title:Domain

This individual is responsible for design and development of new security solutions, Tier III Support, SDLC, product life cycle, forensics and investigations, IT & Application penetration testing, documentation, and RCA’s.  The individual will facilitate and gather requirements from our customers and provide security solutions to meet their needs while aligning with Grainger strategies, policies, standards, guidelines, and procedures.

 

  • Actively protects the integrity and confidentiality of Grainger information assets while enabling business functionality in all systems and environments by implementing and supporting applicable security solutions
  • Serve as an SME in all areas of Identity Access Management; Provide subject matter expertise for Architecture, Planning and Roadmap sessions
  • Engineer solutions to ensure Payment Card Industry (PCI-DSS) and Sarbanes-Oxley (SOX) Compliance
  • Works to ensure projects are completed on budget
  • Provide Expert access troubleshooting and production support as needed in all systems across the enterprise especially related to Active Directory, IAM, Privileged ID Management,  and SAML technologies
  • Partner and execute complex changes in the Security Landscape based on results from analysis received from Internal Controls & Compliance, Internal Audit, External Audit and other functions as deemed appropriate
  • Supports departmental and corporate goals by meeting key performance indicators and defined metrics
  • Fully support and follow Change Management processes and procedures
  • Resolve and troubleshoot incidents and which have been escalated from Analysts and Engineers professionally within established SLAs, with accurate communication to the appropriate parties 
  • Anticipate customer needs and proactively identify solutions
  • When necessary, escalate appropriately to the internal support teams and/or vendor per established escalation procedures.
  • Perform daily / weekly administrative tasks and special assignments as required
  • Serve as a backup to Engineer II in all areas and as a back up to supervisor.
  • Identify and lead large and complex Continuous Improvement projects seeking opportunities to more effectively address team processes and customer needs. Guide team members on less complex Continuous Improvement Opportunities.
  • Review and provide guidance to Analyst and Engineers on knowledgebase articles.
  • Serving as a technical escalation resource to Engineer II team members
  • Support the SOX Compliance processes by providing leadership and support to Analysts and Engineers. Recommend and lead implementation of new functionality to enhance compliance processes. Ensure SOX controls are followed and effective.
  • Demonstrates an advanced understanding of troubleshooting and configuring Drivers, Privileged ID Management, and SAML SSO integrations.
  • Has an advanced understanding of enterprise workflows enabling them to perform advanced troubleshooting and create advanced workflows.
  • Ensure documentation is completed and training occurs prior to production acceptance, follows SDLC processes and procedures, completing required project documents
  • Highlight any individual or team training / knowledge gaps that may exist and work with management to address/resolve
  • Building, releasing and importing Identity Access related changes.
  • Lead large projects, manage and train team members assigned to projects, with little to no direction.
  • Participate in internal training sessions, Lead training sessions for the entire team
  • Coaching and serving as a technical escalation resource to team members and groups in or outside the department on all Identity Access related technical issues.
  • Develop secure, workable solutions aligned with business objectives.
  • Engineer solutions to ensure Payment Card Industry (PCI-DSS) and Sarbanes-Oxley (SOX) Compliance
  • Document solutions engineered to be handed off to Analysts, Engineers, Engineer IIs and support organizations. Review and contribute to documentation created by Engineer IIs. Serve as an SME in all areas; Provide subject matter expertise for Architecture, Planning and Roadmap sessions
  • Understanding of Cloud solution best practices and integration techniques
  • Facilitate the gathering of security requirements/specifications specific to Remote Connectivity (intra and intercompany), Internet facing solutions, eCommerce, Mobility, etc
  • Lead efforts for selection of vendors, devices and tools and provide input to management.  Active in existing vendor management, including renegotiation and annual true-up processes.
  • Researches, evaluates, designs, tests, recommends and plans the implementation of new or updated information security technologies
  • Lead in forensic investigations using standard tools and procedures to provide data to Legal, HR and Management
  • Perform Root Cause analysis on incidents engaging proper SMEs for assistance
  • Follow SDLC processes and procedures with the ability to perform code review and analysis.
  • Lead security project implementation from conception, design, testing and implementation.
  • Serve as a mentor to Engineers.
  • Lead and participate in, as required, analyzing, developing, and implementing large or complex Identity security solutions, as requested by business and process team partners.

 

Education:

  • Bachelor’s degree in Information Systems or related degree, or equivalent job experience. 

    Experience:

  • 7+ years of experience or training in Identity systems security fundamentals design, implementation and troubleshooting across all computer platforms.
  • 7 or more years required of combined IT and security work experience with a broad exposure to infrastructure/network and multi-platform environments.
  • Expert understanding of Identity technologies and understanding of integration of applications within a distributed environment
  • Expert understanding of certificate based authentication and certificate
  • management (e.g. SSL and PKI)
  • Expert understanding of position based security model within the HR Org and distribution throughout the enterprise
  • Expert understanding of Risk and Compliance framework, regulatory compliance (Sarbanes-Oxley (SOX) and PCI-DSS)
  • Experience in implementation and management of security access systems within the enterprise and in the cloud (e.g. Federation, SAML, etc.)
  • Demonstrates an expert understanding of how security access systems integrate across the enterprise
  • Any of the following are highly preferred: CISSP, CRISC, CISM or CCIE Security
  • Ability to quickly learn, become competent in, and effectively apply new skills
  • Ability to independently and effectively prioritize and execute tasks in a complex environment for self and team members
  • Knowledge and ability to teach/mentor an Engineer II provides regular knowledge transfer to team members
  • Experienced in leading large security access system upgrades/projects
  • Ability to add/change and provision roles and tasks in an IAM environment  via standard business applications.
  • Demonstrates an advanced understanding of how an IDA system integrates with SAP.
  • Experience writing, executing and troubleshooting advanced Power shell scripts.
  • Has an advanced understanding of an IAM environment and related technologies, including Active Directory and SAP
  • Advanced Experience in supporting identity access applications.
  • Ability to troubleshoot user account and directory object issues throughout the IAM environment including Privileged ID Management, Active directory, and SAML environment.
  • Demonstrates an advanced understanding of troubleshooting and configuring the IAM landscape including Privileged ID Management and SAMIL SSO integrations.
  • Has an advanced understanding of enterprise workflows enabling them to perform basic troubleshooting and create basic workflows.
  • Experience and hands-on working knowledge with a variety of Security tools including but not limited to Identity and Access Management, LDAP, Active Directory, forensics software, and security incident response.
  • Highly self-motivated with strong attention to detail
  • Strong verbal and written communication skills
  • Strong presentation skills
  • Very strong analytical and problem-solving skills

 

“Grainger is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, gender identity, sexual orientation, disability, or protected veteran status.”

 


Job Segment: ERP, Developer, Information Systems, SAP, Cloud, Technology

Apply now »
Find similar jobs: