Security Engineer

Job Description

Job Description

We are seeking a security engineer to build the firm’s next generation Policy Based Access Control (PBAC) solution. This role will reside within the firm’s Cyber organization within the Identity & Access Management team. As part of IAM team, you will partner with internal infrastructure teams–integrating on-premise / cloud / SaaS solutions with this firmwide PBAC solution.

Responsibilities :

• Collaborate with internal engineering teams to design PBAC (policy based access control) solution for infrastructure platforms and services.
• Develop, test and deploy PBAC integration for both in-house developed and vendor products following policy-as-code and GitOps methodology.
• Create detailed design documentation and present / articulate design decisions to internal governance forums. Required Skills :
• A 4-year bachelor’s degree majoring in Computer Science, Information Security, or a related field.
• Minimum 5 years of professional experience in Python development including hands-on with CI / CD pipelines, containerization tools like docker / podman and deploying applications to Kubernetes(Openshift / AKS).
• Experience with a declarative language like Prolog, Rego for policy-as-code implementations is a plus.
• Experience developing and implementing solutions using secure authentication protocols such as OIDC / SAML and mTLS is a plus.
• Experience with shell scripting and SQL including database schema design with products such as PostgreSQL and MongoDB is a plus.
• Understanding of IAM cloud platforms such as those offered by Azure, AWS, GCP is a plus.Desired Skills (Nice to haves) :
• Industry certifications (i.e. CISSP, CISM)
• Cloud security certifications like Microsoft Certified Identity and Access Administrator Associate and / or AWS Certified Security – Specialty.
• Savvy troubleshooting skills on a variety of different technologies (SQL, Linux OS utilities, PowerShell).
• Experience with implementation of PBAC solutions for application authorization.
• Experience with Sailpoint Identity Now or IdentityIQ IGA solutions.
• Excellent technical documentation skills.