Senior Technology Security Engineer (IAM)

At EMC, you'll put your skills to good use as an important member of our team. You can count on gaining valuable experience while contributing to the company's success. EMC strives to hire and retain the best people by engaging, developing and rewarding employees.

Serves as an information security subject matter expert on highly complex enterprise projects, software, and hardware enhancements. Identifies information security risks, provides recommendations, builds, and configures solutions, and troubleshoots issues. Identifies and documents of highly complex information technology risks, assesses risk levels,
recommends risk treatment, coordinates risk acceptance and remediation, and ensures appropriate remediation occurs. Serves as security subject matter expert, collaborates with stakeholders, offers guidance, and serves as main security point of contact during project planning and implementation. Collects and provides documentation for internal and external audits and assessments. Oversees assigned security tools/services and vendor life cycle management.

Security Solution Engineering

• Serves as an information security subject matter expert on highly complex enterprise projects, software, and hardware enhancements. Identifies information security risks, provides recommendations, builds, and configures solutions, and troubleshoots issues. Collaborates with IT and security teams on project plans and meets with stakeholders to assess impacts and dependencies. Leads project activities to ensure timely deliverables and supports the establishment of a roadmap by evaluating and recommending new tools

• Leads highly complex information security projects across all security teams. Designs, builds, deploys, and maintains information security systems, including identity governance and access management solutions. Ensures the efficient operation of information security systems and resolves intricate security problems. Collaborates with other IT areas to plan for future needs

• Researches, evaluates, and proposes new information security solutions. Aligns information security systems with architectural requirements and strategies. Provides implementation and cost estimates for new solutions, including training requirements and system administration processes

• Collaborates with stakeholders to ensure the efficient operation of information security systems in alignment with architectural requirements and strategies

Risk Management

• Identifies and documents of highly complex information technology risks, assesses risk levels, recommends risk treatment, coordinates risk acceptance and remediation, and ensures appropriate remediation occurs

• Serves as the primary contact on assigned internal and third-party IT processes, risk assessments, and audits. Provides advice to key stakeholders on the security-relevant impact of findings

• Identifies and promotes applicable information security policies, standards, and guidelines, ensuring they are followed as part of project initiatives. Evaluates and recommends appropriate controls or mitigating measures

• Leads risk assessments and coordination of internal and external audit activities by collecting and providing documentation Performs information security system control testing and reports on system functionality

Consulting and Enablement

• Serves as security subject matter expert, collaborates with stakeholders, offers guidance, and serves as main security point of contact during project planning and implementation

• Leads troubleshooting sessions and knowledge transfers to resolve security issues including identity governance and access management

• Recommends solutions for aligning technology areas with future needs

• Offers highly technical guidance, training, and support to team members and stakeholders

• Proposes and develops automated processes to ensure consistent and appropriate event handling

• Leads the introduction of new security capabilities aligned with current standards and solutions

Documentation

• Collects and provides documentation for internal and external audits and assessments

• Documents information security systems policies, procedures, standards, needed improvements, and guidelines

• Maintains the document life cycle, including periodic reviews, updates, and approval cycles

Support

• Oversees assigned security tools/services and vendor life cycle management

• Schedules vendor meetings to review products, services, and vendor/tool roadmaps

• Drives renewals and new purchases through the EMC vendor management and purchase process

• Shares troubleshooting and resolution details with the team, stakeholders, and other IT teams

• Ensures purchases and renewals are processed in a timely manner, meets security budgetary goals, and avoids disruptions to security services and projects

The education and experience below are required for the job unless labelled as preferred:

• Bachelor's degree, preferably in information security, information technology, or a related field, or equivalent relevant experience

• Eight years of experience in information security, identity and access management, or related roles, including at least four years of experience in information security

• Master's degree, preferably in information security, information technology, or a related field or equivalent related experience and six years of experience in information security, identity and access management, or related roles, including at least four years of experience in information security

• Information security certifications (CISSP, CCSP, CCSK, AWS, Azure, Security+, CEH, GSEC) preferred

• Prior experience in the insurance industry preferred

The knowledge, skills and abilities below are required for the job unless labelled as preferred:

• Advanced knowledge of information security and privacy standards, concepts, principles, technologies, and audit practices

• Advanced knowledge of information technology including network, servers, cloud, and PKI/cryptography and identity and access management technologies

• Excellent knowledge of identity and access management concepts, principles, technologies

• Excellent ability to assess and report on information technology risks

• Strong knowledge of Linux and Windows operating systems

• Strong knowledge of secure cloud solutions within AWS, Google, and/or Azure cloud platforms

• Strong ability to perform and create automation tasks with tools (i.e., PowerShell, Python) preferred

• Experience in designing, building, and maintaining information security systems such as CyberArk Privilege Cloud, CyberArk Identity Security Cloud, SailPoint Identity Security Cloud, SailPoint File Access Manager

• Excellent analytical and problem-solving abilities

• Strong verbal and written communication skills

• Ability to lead moderate to highly complex technology projects

Required Skills:

• Strong written and verbal communication. Need to be able to effectively communicate security requirements to EMC engineers

• Ability to maintain confidentiality. May be processing sensitive terminations or account changes.

• Ability to prioritize assigned tasks

• Strong ability to administer Active Directory such as user accounts, groups, OUs, Domain Controllers, Sites/Services, GPOs

• Strong ability to administer Azure\EntraID such as user accounts, groups, Enterprise Application configuration (SSO, SAML, OIDC), MFA policies

• Strong ability to administer ARS such as user accounts, groups, OUs, ARS Policies, ARS Script Modules

• Strong ability to administer access to folders and files within a Windows-based network

• Thorough knowledge of the following identity and access management concepts: segregation of duties, role-based access, multi-factor authentication, least privilege, user lifecycle management, single sign-on (SSO), SAML, OIDC, OAuth

• Working knowledge in PowerShell, GraphAPI, Python scripting

Desired Skills

• SailPoint File Access Manager

• CyberArk Privileged Cloud

• Atlassian BitBucket

• Atlassian Confluence

• AWS EC2, Lambda

• SharePoint

Our employment practices are in accordance with the laws that prohibit discrimination due to race, color, creed, sex, sexual orientation, gender identity, genetic information, religion, age, national origin or ancestry, physical or mental disability, medical condition, veteran status, active military status, citizenship status, marital status or any other consideration made unlawful by federal, state, or local laws.

All of our locations are tobacco free including in company vehicles.