Job
Description
We are seeking a dynamic individual who embodies modern engineering culture - someone with deep engineering expertise within a digital product model, a passion for innovation, and a relentless drive to enhance the consumer experience. Our ideal candidate thrives in an agile, fast-paced rapid-prototyping environment, embraces DevOps and continuous integration/continuous deployment (CI/CD) practices, and champions the Voice of the Customer. If you are driven by the pursuit of excellence, eager to innovate, and excited to make a tangible impact within a team that embraces modern technologies and consumer-centric strategies, while prioritizing robust cyber-security protocols, we invite you to explore this exciting opportunity with us. Join our team and be at the forefront of shaping the future of healthcare, where your unique skills will not only be recognized but celebrated. Primary Responsibilities Plan, define, design, implement and maintain the solution architecture in the area of internal and external identity & access management solution in public and private cloud environments Adopt, implement and define guidelines using open standard identity protocols and mechanisms such as OAuth 2.0/ OpenID Connect, SAML 2.0, Federated Identity Management and SSO Mentors other members of the team on Information Security and Secure Development Standards Evaluates and recommends new and emerging security methods, best practices, tools, technologies and staying abreast of new threats & vulnerabilities Implement Security and Disaster Recovery measures and drive automation in the cloud architecture Develop and integrate analytics algorithms using AI and machine learning against security event data in largescale environments Help implement data-driven security analytics, reporting and monitoring initiatives and to support security incident analysis with your technical expertise Keep yourself up to date on the security aspects of the products, including infrastructure security, application security and cloud security Work with the product management, implementation teams to respond to customer security related issues and help define the security roadmap for implementation Develop and maintain threat models and perform frequent threat assessments Be an IAM SME to provide guidance and consulting services across teams Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so Required Qualifications 8+ years of hands-on technical experience in implementing secure enterprise applications using cloud technologies 6+ years of relevant experience in Identity & Access Management and Information Security Hands-on working experience with SailPoint, ForgeRock, Ping, Okta, OneLogin, Azure AD or similar IAM products Hands-on developer with great coding skills with best practices. We currently use Java, JavaScript, Spring Boot, Spring Cloud, Kubernetes, AWS Hands-on experience with security management of virtual machines, containers, and applications Good experience in Threat, Vulnerability & Risk management, Infrastructure security Demonstrable experience in Site Reliability Engineering and DDoS mitigation techniques Knowledge of SANS Top 20 Critical Security Controls and OWASP Top 10 vulnerabilities Deep knowledge of OAuth 2.0, OpenID Connect, SAML 2.0, Identity federation, Single Sign-On, RBAC, ABAC, MFA, RBA Extensive knowledge and experience with identity and access management technology, such as single sign-on (SSO), two-factor authentication, privileged access management, etc. Working knowledge of Scripting languages (Python and PowerShell) Solid working knowledge of Web Application Firewalls, HTTP(s), TCP/UDP, SSL/TLS, Forward and reverse proxies, Load balancers Solid understanding and development experience on Java, SpringBoot, RESTful Web Services and Microservices Good understanding of the web application architectures, TCP/IP networking, cloud computing and data integrity and confidentiality including cryptographic techniques Exposure to AWS services, Lambda & containerization Cassandra/any other No-SQL exposure Proven ability to lead the design, implementation, and management of the organizations IAM systems and processes Proven solid communication skills and presentation skills, leadership skills, problem solving and analytical skills Flexible to work with global teams and working on different time zones Preferred Qualifications AWS Certifications Experience in implementing Security Analytics using AI and machine learning Experience in healthcare industry applications development and support Knowledge of implementation of technology specifications and/or RFCs Knowledge of JavaScript and Single Page Applications Hands-on experience on React/NodeJs & other UI frameworks Working knowledge of containers and orchestration (Kubernetes) Good understanding of foundational statistics and its applications along with relevant algorithms used for data analysis Good understanding of data science methodologies. Distinguish between descriptive, diagnostic, predictive and prescriptive analytic capabilities and their applications Good understanding of SCIM2, U2F/UAF/FIDO2, HOTP, TOTP Familiarity with security, privacy and compliance standards such as FISMA, FedRAMP, HIPAA, NIST800-53, NIST800-63 and GDPR
