TIAA Sr Info Security Engineer - IAM in Raleigh, North Carolina
As long as there are people who make the world a better place, we'll keep making a difference for them. Since 1918, it has been TIAA's mission to serve those who serve others. It is this mission and the values we embrace that make us a different kind of financial services organization.
When you work here at TIAA, you're not just in it for yourself. You are part of something bigger. A collective mission to make a difference - a collective mission we make our own.
To be difference makers.
For more information about TIAA, visit our website at https://www.tiaa-cref.org/public/about-us/who-we-are-at-tiaa-cref .
The Sr. Security Engineer will be responsible for the engineering of security solutions and partnering with the operational users of those security solutions to ensure that the underlying technology is sufficiently meeting the needs of the overall Security department as well as suggesting and implementing enhancements to key technologies. This role will require flexible hours and expanding responsibilities for new technology.
KEY RESPONSIBILITIES AND DUTIES:
Serve as the subject matter expert (SME) for various enterprise security solutions, primarily identity lifecycle management and underlying host, best security practice, and ensure stable operation while enhancing existing solutions
Partner with security architecture on implementing and improving security solutions
Champion the technical details of security solution initiatives including business case
Continually assess security controls for deficiencies then remediate
Measure and report key performance indicators for responsible solutions including effectiveness of control activities, uptime, and enhancement demand
Assist engineering partners in skills development and on-call backup
Minimum 4 - 7 years of relevant UNIX work experience
Experience configuring hosts to use RSA two factor authentications
Experience with shell scripting background
BoKS administration experience –installing, troubleshooting, administering BoKS environment
Experience using both command line options and GUI to assign hostgroups/userclasses/configurations
Desired Skills (Preferred not required):
A thorough understanding of UNIX|Linux operating systems and System Administration functions and processes
A thorough understanding of UNIX|Linux authentication processes and components
An thorough understanding of LDAP and AD
Should have a reasonable understanding of Puppet and be able to create Puppet manifest files and understand how to test themAbility to function within a high-security environment and include security considerations in decision making.
An understanding of an RSA infrastructure
An understanding of tcp/udp ports and troubleshooting (firewalls)
Excellent organizational, verbal, and written communication skills.
Experience with virtualization technologies (e.g., VMware, Hyper-V, etc.) (desired)
Experience managing the identity and access lifecycle in a large enterprise including role and policy based access control structure
Experience with or knowledge of various platform security tools and scoring concepts (e.g., AV, HIPS, firewalls, CVSS, OWASP 10, etc.) (desired)
Experience with or knowledge of various networking concepts and devices (e.g., routing, switching, VLANs, etc.)
Experience with or knowledge of various network security tools (e.g., firewalls, NIPS, WIPS, VPN, DLP, etc.) (desired)
Experience with or knowledge of various databases (e.g., Oracle, MS-SQL, etc.) (desired)
Experience with or knowledge of specific security technologies (e.g.ArcSight, Nexpose, Splunk, etc.) (preferred)
General information security certification (e.g., CISSP, CISM, etc.) (desired)
Technical information security certification (e.g., CCNP, MCSE, MCITP/MCTS, etc.) (desired)
Experience in the Financial Services industry (desired)
Prior consulting experience (desired)
Equal Employment Opportunity is not just the law, it’s our commitment. Read more about the Equal Employment Opportunity Law at http://www1.eeoc.gov/employers/upload/eeocselfprint_poster.pdf .
If you need assistance applying due to being visually or hearing impaired, please email Careers Help .
This organization is an equal employment opportunity (EEO) employer, dedicated to maintaining a work environment free of bias, harassment, discrimination and retaliation. As an EEO employer, this organization expressly prohibits discrimination, harassment, and retaliation on the basis of race, creed, ethnicity, color, age, religion, sex, sex stereotype, pregnancy (including childbirth, breastfeeding or related medical conditions where applicable), sexual orientation, gender, gender identity, gender expression, transgender, marital status, national origin, ancestry, physical or mental disability, requesting a reasonable accommodation based on mental or physical disability, medical condition (as defined by applicable law), genetic history and information, citizenship status, military or veteran status, or any other status protected by federal, state, or local law or ordinance or regulation (collectively referred to here as “protected characteristics”).
- ©2016 Teachers Insurance and Annuity Association of America (TIAA), 730 Third Avenue, New York, NY 10017
Job: Information Technology
Primary Location: NC-Raleigh
Req ID: 1712980