POSITION SUMMARY
The IAM Security Engineer is responsible for designing, configuring, implementing, and operating technologies, processes and procedures related to identity and access management with an overall goal of ensuring that user identities and permissions are effectively, securely, and efficiently managed. The ideal candidate will have a deep understanding of cloud security principles, and experience with Oracle security (role design, user lifecycle management, segregation of duties, etc.).
QUALIFICATIONS
EDUCATION: Bachelor's degree in Computer Science, Information Assurance or related field plus 4-5 years of relevant experience. In lieu of a Bachelor's degree 6 total years of related experience required. At least 3 years' experience in Oracle ERP security, GRC and cloud security, with a focus on Oracle Cloud Infrastructure.
LICENSE/CERTIFICATION: Information security certifications are preferred and recommended. CISSP is preferred, but will consider others. At least one information security certification is required after 18 months of employment. Oracle cloud security certifications desired.
EXPERIENCE: Experience and/or significant knowledge of Oracle Identity Manager and Oracle Access Governance is strongly preferred. Experience with information security concepts and implementation of security controls is required. This person may work frequently with vendors and business partners on projects and various assignments. Strong technical, analytical, and administrative skills required. This position may require on-call responsibilities.
PERFORMANCE EXPECTATIONS
Administers identity and access management applications to bolster compliance with organizational security policies.* Identifies, implements and monitors system integrations between identity and access management platforms and other necessary systems.* Identifies identity and access control needs and develops processes to satisfy organizational and regulatory requirements.* Maintains appropriate technical and project documentation related to identity and access management projects, controls, standards and procedures.* Provides security expertise for developing and maintaining secure standard configurations for operating systems and applications; configures non-compliant systems to adhere to standards.* Remains current on available security/audit functionality for systems and maximizes use.* Assists in identifying system and process security vulnerabilities; makes recommendations for procedures and/or controls to manage risks, and monitors remediation activities.* Identifies and escalates actual and suspected violations of information security policy and processes.* Assists with the development and delivery of education materials for security-related topics to bolster security awareness throughout the organization.* Assists in the evaluation, implementation, and configuration of cross-platform, third party security products ensuring conformance to established standards.* Responsible for the daily monitoring of security systems and responds appropriately to alerts and events.* Monitors and responds to requests for support as appropriate.* Assists with security incident investigations and maintains appropriate incident management documentation.* Evaluates and reports on vendor issued security patches and advisories and is responsible for advising, tracking, and assistance with testing and deploying security patches where appropriate.* Maintains knowledge of identity and access management workflows and security best practices and provides subject matter expertise and guidance to colleagues and stakeholders.* Provides periodic status reports on progress of open projects, issues, work status, and seeks guidance where appropriate.* Understands and practices the AtlantiCare and Information Technology values. Adheres to AtlantiCare and Information Technology policies and procedures. Performs other duties as assigned.
WORK ENVIRONMENT
Potential for exposure to the hazards and risk of the hospital environment, including exposure to infectious disease, hazardous substances, and potential injury. This position requires repetitive motion, fingering, grasping, hearing, and speaking a majority of the time. This position also requires spending time with such equipment as computer terminal, fax machine, copier and telephone.
REPORTING RELATIONSHIP
This position reports to department leadership.
Essential functions for this position are identified by an asterisk *.
The above statement reflect the general details considered necessary to describe the principle functions of the job as identified and shall not be considered as a detailed description of all work requirements that may be inherent in the position.