Cisco Information Security Support Engineer 

United States, North Carolina, Cary 

541369509

You are a seasoned professional with a deep understanding and experience in privileged account management. You are proficient in the complexities of identity and access management platforms. Skilled in secret management, password vaulting, privileged session management, and application-to-application authentication, alongside SSH key management. You have demonstrated capability in defining access control measures, managing application credentials, and formulating user access policies. Additionally, they possess experience in deploying and running cloud infrastructures, specifically on AWS, and are adept at maintaining CI/CD and automation tools on cloud instances. Familiarity with Python and Shell scripting for building integrations is considered a significant asset. Proficiency in authentication standards such as SAML, OAuth, SCIM, and other industry authentication/authorization/identity solutions is expected. You have experience with agile software development practices, expertise with PAM product suites, experience with monitoring or logging analysis tools such as System Center Operations Manager or Splunk, and proficiency in multi-cloud environments, particularly AWS, with a strong emphasis on CI/CD automation.

The role involves designing, developing, and fixing Identity Provider (IDP) solutions tailored for our internal clients, which includes providing comprehensive technical documentation, recommendations, specifications, business cases, requirements, and test cases. The individual will be responsible for configuring Single-Sign-On (SSO) authentication and API security management using leading Identity and Access Management (IAM) providers and must possess experience with federation services such as SAML, OAUTH, and OIDC. The candidate should have operational support knowledge and experience with top IDP platforms and display strong proficiency in analyzing logs, pinpointing authentication and authorization issues, and devising effective solutions. A key goal is to eliminate redundant capabilities, simplify processes, and uphold enterprise standards and industry best practices. The individual should be knowledgeable and experienced in enabling, migrating to, and/or overseeing an enterprise IDP platform based on best practices. Integration of IDP capabilities with Software as a Service (SaaS) and Platform as a Service (PaaS) cloud platforms is also a critical function. Candidates are expected to be adept in automating IDP processes through out-of-the-box capabilities, Robotic Process Automation (RPA), or the development of custom connectors/APIs. Additionally, a thorough understanding of Least Privileged Access Modeling, Role-Based Access Control, Separation of Duty, Agile methodologies and tools, and familiarity with COBIT and ITIL frameworks are essential for the role.

• 5+ years of Privileged Account Management with CyberArk or similar products with a Bachelors Degree in Computer Science, Computer Engineering, Electrical Engineering, or a related major such as Math, Physics or 3+ years of experience with a master’s degree in related field
• Experience in build, configuration, and support of one or more privileged identity & access management platforms, such as CyberArk, Conjur, Beyond Trust and Hashicorp Vault
• Experience in integral technology components such as secret management, password vaulting, privileged session management, application-to-application authentication, SSH key management
• Experience in defining Access Control, User Entitlements, Manage Applications Credentials, User Access Policy Management
• Experience in deployment and managing cloud infrastructure on AWS and maintenance of CI/CD & automation tools on cloud instances
• Python and Shell Script experience in building integrations is a plus
• Experience in authentication standards such as SAML, OAuth, SCIM, and other industry-standard authentication/authorization/identity solutions

• Agile Software Development
• PAM Product Suite
• Experience with monitoring or logging analysis tools (System Center Operations Manager, Splunk)
• Multi-Cloud and AWS
• CI/CD automation