Security Engineer - Identity Management

  • Competitive
  • New York, NY, USA
  • Permanent, Full time
  • IHS Markit
  • 15 Dec 18

Security Engineer - Identity Management

The Identity Management engineer will be working within the Corporate and Enterprise Security Architecture organization to mature existing Identity and Access Management (IAM) and Privileged Identity Management (PIM) practices. The role will be hands-on in implementing and supporting services that drive IAM and PIM practices in IHS Markit.
Facilitate, secure and support IAM in the organization
• Work with Security and Technology teams implementing and improving IAM standards, policies, practices and controls
• Work with Compliance teams to align controls and processes supporting audit requirements
Facilitate and support PIM in the organization
• Work with Security and Technology to drive enhancements to PIM practices, policies and standards
• Provide SME direction and input on PIM topics to drive strategy and design
• Provide key support and management for existing PIM and Password Vaulting solutions

Duties & Accountabilities

  • Provide SME-level consultation on privileged access controls and password vaulting services to new and existing internal service customers.
  • Work with Technology teams to improve privileged identity practices and protection through architecture, design, automation and/or tooling
  • Support and drive initiatives to expand IAM practices within the organization
  • Engage and coordinate with Security Operations (SecOps) group on the overall delivery and continuous support of Password Vaulting services.
  • Monitor the health and overall integrity of the CyberArk application stack and IHSM Password Vaulting service.
  • Manage, tune, and configure application level BAU, critical, or emergency settings on the CyberArk application stack.
  • Provide cross functional support and coverage for lead Information Security Engineers as needed.
  • Develop reporting on a structured or ad hoc basis to evaluate security posture or operational status of monitored environments. Activity, audit, data integrity, etc.
  • Deep experience managing PIM or password vaulting systems in a mid-size to large regulated environment
  • Experience managing highly available CyberArk infrastructures or equivalent application and privileged access management platforms
  • Minimum of 3 years of hands-on technical information security experience
  • Comfortable working with scripting, automation and orchestration technologies
  • Strong understanding of federated identity strategies and products: SAML/oAUTH/OpenID, Azure AD, ADFS, Ping, Okta
  • Comfortable working with Identity and Access Management (IAM) concepts, tools and platforms
  • Experience designing and implementing security solutions
  • Comfortable working with reporting tools - Splunk, SQL, Excel, etc.
  • CISSP or SANS GIAC certifications preferred

Personal Competencies
  • Strong, proven problem-solving skills and ability to identify, analyze, and resolve problems, driving solutions through to completion
  • Ability to translate complex technical information across all levels of the organization
  • Strong facilitation skills and a clear ability to build strong relationships with business stakeholders at all levels, including executive managers and vendors
  • Demonstrated ability to work effectively with a team, delivering high performance and customer satisfaction in a global, matrix-management environment
  • Demonstrated ability to translate business drivers and priorities into security design.
  • Energy and a clear passion for the role
  • Demonstrated personal values aligned with the corporate values
  • Excellent written and verbal business English
It is the policy of IHS Markit to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, IHS Markit will provide reasonable accommodations for qualified individuals with disabilities. We maintain a drug-free workplace. For candidates in the US, we are a participant in E-Verify (see link below).

EEO is the Law
EEO is the Law Supplement
Right to Work
Pay Transparency Policy

Current Colleagues If you are currently a colleague with IHS Markit please apply internally via Workday.