DescriptionResponsible for the planning, design and build of security architectures to ensure strong security posture, compliance with regulations, and safeguard customer s data. Manage information systems security, including disaster recovery, database protection, and software development. Demonstrate the company s core values of respect, honesty, integrity, diversity, inclusion and safety.
IAM (Identity Access Management) Architect role is on the CIS IAM Architecture and Governance team responsible for the strategy, design, and governance of the Kroger enterprise IAM program.
Responsibilities- Oversee Identity and Access management, cloud security, cryptography, logging and alerting, security operations, malware detection, incident response, vulnerability scanning, penetration testing, security architecture, and digital forensics
- Guide the implementation of network and computer security and ensures compliance with corporate cybersecurity policies and procedures
- Assist with the monitoring of all security systems and their corresponding or associated software, including firewalls, intrusion detection systems, cryptography systems, and anti-virus software
- Monitor server and firewall logs, scrutinize network traffic, establish and update vulnerability scans
- Analyze and resolve complex security breaches and vulnerability issues in a timely and accurate fashion, and conduct user activity audits where required
- Manage and ensure the security of databases and data transferred both internally and externally
- Oversee penetration testing of all systems in order to identify system vulnerabilities; design, implement, and report on security system and end user activity audits
- Develop new and modify existing security policies and procedures to maintain compliance
- Evaluate existing and recommend new and emerging security technologies
- Conduct research on emerging products, services, protocols, and standards in support of security enhancement and development efforts
- Communicate important updates with key stakeholders across the organization
- Coach and mentor other members of the security engineering team
- Must be able to perform the essential job functions of this position with or without reasonable accommodation
-PingOne, Ping Acces and Ping Federate experience including DaVinci
-Experience with multiple IGA providers such as SailPoint, EmpowerID, Saviynt, etc.
-Advise colleagues and lines of business on Identity best practices.
-Radiant Logic Architecture and Implementation
QualificationsMinimum
- Bachelor's Degree computer science, information systems, or related technical field
- Any experience in one or more of the common languages (e.g., Perl, Python, Ruby, shell scripting)
- 8+ years of experience in a related security field
- Proven ability to design and build scalable, high volume, and low latency applications
- Advanced knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, BGP and other routing protocols)
-Expert in a minimum of two IAM areas, which includes Identity Governance and Administration (IGA), IAM Governance (IAM Policies and standards) Directory Services (Azure, AD, Oracle, dDirectory), Access Management (SSO Federations), Privilege Access Management (PAM).
-SME level of understanding of SAML, OAuth, OIDC, and header-based federations.
Desired
- Master's Degree computer science, information systems, or related technical field