Sr. Security Engineer - Cryptography and Access Management

Description

The Information Security team is committed to delivering innovative cybersecurity solutions and services to the enterprise.

Our global team is growing!!

We are looking for a Sr. Security Engineer to join us, with a focus on supporting our needs and capabilities across Private Key Infrastructure (PKI) and Privileged Access Management (PAM).

This role will lead all aspects of administration,operationsand continuous advancement of Kraft Heinz enterprise cryptographic and access management capabilities.

You will work closely with the PKI and PAM program owners, IT and Business Partners, and other organizational partners to deliver on required program capabilities, program compliance requirements and program maturity targets.

Key responsibilities :

Perform day to day monitoring, management and maintenance of organization's PKI and PAM platforms, ensuring maximum platform capability, performance and health.

Maintain standards, playbooks and communications for management and maintenance of program capabilities and processes

Maintain technical documentation around architecture, configuration, management maintenance of core platforms, supporting tooling and other applicable technologies.

Lead, superviseand continuously optimizedelivery and user experience of certificate lifecycle management processes, including request, approval, issuance,validation and revocation,to ensure continuous alignment with requirements andcompliance with standards and processes.

Support the design,build and deployment of enterprise PKI systems and ensure PKI systems align with and enforce industry leading practices and NIST standards.

Manage, supervise and continuouslyoptimize delivery and user experience of privileged account lifecycle management processes, including provisioning, vaulting, rotation, changes, deprovisioning, and access reviews.

Leadcyclical and ad-hoc training and awareness programs around PKI and PAM capabilities and practices.

Collaborate with multi-functional teams to ensure flawless execution of security processes.

Design, plan and implement the integration of platforms with other security systems and applications.

Implement applicable policies, procedures, and standards to internal teams and collaborators.

Successfully communicate with internal engineering and operations teams to design, plan, implement, validate and memorialize changes to platform configuration, integrations and processes.

Partner with internal and external teams and product vendors to lead resolution ofissues with certificates and certificate lifecycle, privileged accessand access lifecycle, platform, platform integrations, and other issues as they arise.

Monitor, measure and communicate key program capabilities and metrics

Provide support for program audits to ensure alignment of practices to processes, and compliance of processes to requirements

Continuously evaluate and improve the capability of platforms to stay ahead of emerging threats.

Evaluate new tools, technologies and techniques to enhance the efficacy and efficiency of programs and capabilities.

Stay updated with, and communicate to program owners and key partners, changes and advancements to industry trends,standards, and regulatory requirements

Qualifications for this role include :

Advanced experience in cybersecurity, with at least three years of hands-on experience and expertise with encryption and identity and access management

Strong level of understanding of EnterprisePKI platforms and processes, including certificateenrollment protocols, automation, lifecycle, troubleshooting and resolution.

Strong level understanding of Enterprise PAM platforms and processes, including provisioning, vaulting, granular rights management, de-provisioningand verification processes, injection and secure access.

Strong level of understanding of enterprise directory services and group policies.

Strong level of understanding of authentication flows and mechanisms, including strong multi-factor authentication.

Experience withscripting in Python, shell and powershell.

Familiarity with security frameworks and standards (e.g., NIST CSF, ISO 27001).

Strong analytical and problem-solving skills.

Excellent communication and interpersonal skills.

Location(s)

Toronto - Queen's Quay - Headquarters