Security Architect (Access management)
Company: Luxoft
Location: Washington
Posted on: November 8, 2024
Job Description:
Project descriptionAs part of our strategic partnership with one
of the biggest financial institutions in the World, we are hiring
various IT specialists, who will become part of their IT Service
Center. The bank is an international organization dedicated to
providing financing, advice, and research to developing nations to
aid their economic advancement. The bank predominantly acts as an
organization that attempts to fight poverty by offering
developmental assistance to middle- and low-income countries. Our
client is a provider of financial and technical assistance to
individual countries around the globe. The bank considers itself a
unique financial institution that sets up partnerships to reduce
poverty and support economic development.Responsibilities
- Architect and design Access Management technology solutions,
including installations, integrations, and supporting
infrastructure.
- Create and maintain enterprise standard architectural
documentation, reference diagrams, process models, and
runbooks.
- Technology Solutions:
- Plan, coordinate, and execute solutions for infrastructure,
cloud, and network activities related to Access Management,
including installations, upgrades, and patches.
- Implement and manage access management solutions such as
PlainID and Azure Active Directory (Entra ID), ensuring integration
with enterprise systems.
- Automate security tasks using Azure DevOps and infrastructure
as code (IaC) tools like ARM templates, Terraform.
- Utilize Microsoft Azure services (Azure Security Center, Azure
Sentinel, Azure Key Vault) to enhance security, compliance, and
enforce policies via Azure Policy and Blueprints.
- Utilize Azure Databricks for big data processing, advanced
analytics, and machine learning.
- Integrate access management solutions with enterprise systems
and Azure DevOps for CI/CD pipelines.
- Design secure network architectures using Azure Virtual
Network, NSGs, and Azure Firewall for secure connectivity between
on-premises and cloud environments.
- Review and improve infrastructure setup and deployment models
to ensure security and compliance.
- Cloud and DevOps Integration:
- Utilize Azure platforms and implement DevOps practices (CI/CD,
containerization, infrastructure as code, policy as code) to
streamline deployment and operations.
- Integrate Azure DevOps for automation pipeline in deployment
and testing, adhering to best practices.
- Policy Development and Management:
- Design and develop access management authorization policies
using natural language expressions.
- Plan and manage deployments of Access Management Policies and
authorization platforms, including PlainID installations, upgrades,
and patches.
- Cross-Functional Collaboration:
- Collaborate with developers, QA, project managers, and
stakeholders to ensure cohesive product development and
operations.
- Agile Methodologies:
- Use Agile/Scrum methodologies to facilitate iterative
development and rapid project delivery.
- Maintain authorization documentation in Azure DevOps and MS
Teams.
- Reporting:
- Expand the access management and authorization framework to
include new reporting and authorization capabilities. Develop a
robust and stable access management reporting framework and
solution that meets operational needs.
- Provide weekly status reports and timely deliverables and
updates.SKILLSMust have
- Access Management Expertise:
- Extensive Hands-on experience with Access Management
Authorization technologies.
- Experience with using standardized natural language framework
to develop and manage authorization policies.
- Experience with IAM components and general Authorization
Technology setup, configuration, and administration.
- Solution Architecture:
- Expertise in designing end-to-end solutions that align with
business needs and enterprise standards.
- Ability to create reference architecture diagrams using tools
like iGrafx or Microsoft Visio.
- Strong understanding of enterprise architecture frameworks such
as TOGAF, Zachman or similar frameworks.
- Experience in developing and maintaining enterprise
architecture artifacts, including principles, standards, and
guidelines.
- Azure Technologies:
- Extensive experience with Microsoft Azure services.
- Proficiency in Azure DevOps for CI/CD pipeline integration and
automation.
- Experience with Microsoft Entra ID for identity and access
management.
- Familiarity with Microsoft Purview for data governance and
compliance.
- Knowledge of Azure Resource Manager (ARM) templates and Azure
Policy.
- Expertise in designing and implementing scalable, secure, and
resilient cloud architectures.
- Cloud Security Design and Implementation:
- Experience with designing secure cloud architectures on
Microsoft Azure following best practices (CIS Controls, NIST, ISO
27001).
- Expertise in managing identities, authentication, and
authorization using Azure Active Directory (Entra ID).
- Data Protection:
- Experience with data encryption, data loss prevention policies,
and secure data storage solutions (Azure Blob Storage, ADLS, Azure
SQL Database) in Azure.
- Experience with Microsoft Information Protection (MIP) for data
classification and labeling.
- Experience with developing secure backup and recovery
strategies using Azure Backup and Azure Site Recovery.
- Network Security:
- Experience with designing secure network architectures using
Azure Virtual Network, NSGs, and Azure Firewall.
- Threat Detection and Response:
- Experience using Azure Sentinel and Azure Security Center for
threat detection and continuous security monitoring.
- Compliance and Governance:
- Knowledge with privacy compliance regulations using tools such
as Microsoft Purview Compliance Manager.
- Security Monitoring and Auditing:
- Experience with implementing audit and security monitoring
practices with Azure Monitor and Log Analytics.
- SharePoint:
- Experience integrating SharePoint with other IAM solutions to
ensure seamless access control and compliance.
- Database Experience:
- Expertise in database security and administration (Oracle,
Postgres, MSSQL, Cosmos DB).
- Knowledge of data warehousing and ETL processes.
- API Integration and Development:
- Strong experience in API design, development, and management
using Azure API Management and OAuth/JWT for security.
- Experience with API documentation tools like
Swagger/OpenAPI.
- General Technical Skills:
- Strong understanding of software development lifecycle (SDLC)
and agile methodologies.
- Proficiency in programming languages such as C#, JavaScript,
Python, and experience with version control systems like Git.
- Strong problem-solving skills and experience troubleshooting
complex technical issues.
- Soft Skills:
- Strong communication and collaboration skills with the ability
to present solutions to stakeholders and manage multiple
priorities.Additional Requirements:
- Professional Experience:
- 8+ years of hands-on experience with IAM technology
architecture, design, and development.
- Bachelor's degree or higher in Computer Science or a related
field.
- Certifications:
- Relevant certifications such as Microsoft Certified: Azure
Fundamentals, Azure Solutions Architect Expert, Azure Security
Engineer Associate, Security, Compliance, and Identity
Fundamentals, Power BI Data Analyst Associate are highly
desirable.Nice to have.
#J-18808-Ljbffr
Keywords: Luxoft, Wheaton-Glenmont , Security Architect (Access management), Executive , Washington, Maryland
Didn't find what you're looking for? Search again!
Loading more jobs...