Forgerock Security Engineer - Tampa, United States - C4 Technical Services

Description

Forgerock Security EngineerWork Location:
Remote

DescriptionAccountable for activities that ensure all users in the organization have the appropriate levels of access to applications, systems, and data resources.

Evaluates and maintains procedures to safeguard information systems assets from intentional or inadvertent access or destruction. Ensures compliance with Security regulations and laws. Recommends and implements changes to enhance security controls and prevent unauthorized access. Responsible for role-based implementation, role management, and access governance. Implements and manages the enterprise security support model for new applications. Monitors systems, networks, servers, and databases for potential system breaches. Responds to alerts from information security tools. Assigned to projects of medium size/scope. Provides consultative expertise on a wide variety of project and initiatives.


Essential functions:

• Responsible for supporting the ForgeRock Identity Platform including Identity Gateway
• Migrate Webservices/APIs to the ForgeRock Platform for secure authentication and assist in integration with API Gateway
• Migrate internal, and business partner users to ForgeRock
• Developing custom integration, workflows and rules between tools using Agile methodologies.
• Performs a lead role in promotion of security awareness programs, assessing gaps and implementing solutions.
• Responsible for the end-to-end completion of security requests.
• Provisions user security roles and manages security groups across systems, platforms, databases, applications, servers, directors, and folders.
• Analyzes existing role structures to improve and streamline structures, security administration and improve end-user experience.
• Responsible for highly sensitive security access for outsourced vendors and ensuring compliance with policy, regulations, and contractual requirements.
• Accountable for highly sensitive emergency processes.
• Creates or maintains application scripts and uses application specific tools to create or manage application security.
• Tracks and documents security issues and requests, actively monitors work queue.
• Plans, coordinates, communicates, tests, and implements audits ensuring that access entitlements are appropriate for job requirements.
• Accountable for follow-up of all security work requests including collaborating with other IT areas to ensure timely completion/resolution and obtainment of appropriate approval levels.
• Interfaces with users to understand new capabilities, implement procedures, ensure security procedures have been communicated properly and are being adhered to.
• Provides input to drive process improvements.
• Works closely with business areas and IT partners on troubleshooting, pre-implementation activities and to assess application security.
• Maintains and creates operational procedures and maintains Security Knowledge Base.
• Performs system monitoring activities, identification and evaluation of security threats, breaches, and vulnerabilities.
• Responds to security alerts.
• Responsible for on-call release support.
• Acts as lead liaison for internal and external audit requests and activities. Leads remedial activities as the result of audit findings.
• Defines scope of operational initiatives and adjusts priorities to support workload.
• Provides subject matter expertise, leadership, and guidance to work teams and end users on security policies, standards and procedures and processes.
• Investigates business processes to understand and implement security requirements weighing business needs and security risks and resolving issues.
• Research solutions works with vendors to enhance Security Monitoring Program.
• Coordinates and documents exceptions to security policy as directed by the Exception Governance Team.
• Develops training content as needed.

Job Duties:

In-depth knowledge of Information Technology field and computer systemsDemonstrated organizational skillsDemonstrated ability to adapt to change and collaborate as part of a teamAbility to manage tasks independently without close supervision and take ownership of responsibilitiesAbility to learn from mistakes and apply constructive feedback to improve performanceMust demonstrate initiative and effective independent decision-making skillsAbility to communicate technical information clearly and articulatelyMust have an understanding of the systems development life cycleAdvanced analytical thinking, problem solving, quantitative analysis ability.

Must have an advanced understanding of Information Security concepts, protocols, industry best practices, and regulatory requirements.
Proficiency with Windows skills are required, e.g., Windows Explorer, Word, Excel, PowerPoint, Outlook, etc.
Must demonstrate expertise with security management toolsWorks without daily supervision to meet customer expectationsHigh critical thinking skills to evaluate alternatives and present solutions that are consistent with business objectives and strategy

Preferred Experience

Experience with ForgeRock Access ManagementExperience with ForgeRock Identity ManagementExperience with Microsoft Active Directory and LDAPProficiency with Active Directory groups and user accounts, Windows folder structures and folder securityDevelopment experience in any technologies, Java, PowerShell, etc.

Proficiency with database security and tools used to administer security within the various databases, e.g., UDB, DB2, SQL and OracleProficiency of UNIX/Linux security and tools used to administer security in these environment

Required Experience:5-8 year of related work experience or equivalent combination of transferable experience within IT Security

Required Education:
Related Bachelor's degree in an IT related field or relevant work experience

Required Certification:
COMPTIA Security+ or equivalent

#J-18808-Ljbffr