The Identity and Access Management team is part of the Technology and Risk Office and provides the plan build and run functions for enterprise wide Identity and Access Management solutions. The UNIX Access Management Engineering position is responsible for design and engineering functions for UNIX Access Management solutions. The position is focused on centralizing authentication and permissions for UNIX access through implementation of Quest Authentication Services for UNIX-to-AD authentication integration and BeyondTrust Power Broker for replacement of sudo and centralizing authorization to UNIX. In addition the position develops and supports tools for automating provisioning, deprovisioning, and reporting on access to UNIX host Layer
This position requires a strong background in UNIX security, and specifically in user account and privilege management for UNIX servers on AIX, Linux, and Solaris platforms. Additional requirements include extensive shell scripting for automation and packaging, experience with Active Directory, and advanced knowledge with Quest Authentication Services, Beyond Trust Power Broker, or similar technologies and concepts for centralizing UNIX authentication and authorization.
This position requires: attention to detail, the development of detailed security documentation and procedures, strong team skills, the ability to work independently as well as with others, the ability to multi-task assignments, and the communication of complex technical information to team members, all levels of management and customers. The candidate should have experience working in a large enterprise and be able to work well under pressure.
Essential Functions:
- Provide Design and Engineering support for UNIX Access Management solutions
- Review requirements for UNIX Access and security and design and implement security solutions.
- Proposing and presenting UNIX access management configuration changes and technology upgrade paths to IT management
- Developing documentation, requirements, specs, test strategies and implementation plans
- Providing technical assessments and recommendations for UNIX security solutions
- Shell Scripting for solution development, packaging and automation
- Interface with team members and partners of varied levels from across the organization to ensure that business requirements are met without compromising security.
- Ensures implementation of system access controls based upon KP-IT Information Protection policies and standards
- Responsible for enforcement of Systems Development Lifecycle and programming standards
- Designs the integration and implementation of various technologies and systems architectures.
- Performs second and third level problem determination and resolution.
Qualifications:
Basic Qualifications:
- Bachelor's degree in a related field and/or a minimum of 4 years of equivalent work experience
- A minimum of 10 years of experience in Information Technology (IT) including development, implementation, communication, monitoring and maintenance of information security policies and procedures
- A minimum of 8 or more years of UNIX security & user administration experience
- Requirements gathering, analysis, and design for UNIX access / security
- Strong UNIX skills (AIX, Linux, Solaris) with a focus on Identity Management
- Advanced Korn Shell programming
- Understanding of sudo/elevated privileges
- Active Directory administration and/or UNIX-to-AD authentication integration experience
- PAM Authentication product experience
Preferred Qualifications:
- Master's degree
- Certified Information Systems Security Professional (CISSP)
- Active Directory experience
- Quest Authentication Services
- BeyondTrust Power Broker or similar technologies to centralize UNIX access
- Java design and development experience
External hires must pass a background check/drug screen.
We are proud to be an equal opportunity/affirmative action employer.