Senior Security Engineer - PAM

Your Opportunity

In Schwab Cybersecurity Services (SCS), Office of CISO, we provide platforms, services, and security operations capabilities which enable the firm to produce successful client and shareholder outcomes securely and safely. Securing our IT assets, data, and access to applications is the core of who we are and what we do. We ensure only the appropriate entities have access to IT resources and that we adhere to best practices and standards to ensure a safe and compliant environment is maintained.

Identity and Access Management has an opening for a Sr. Security Developer, Identity and Access Management, to deliver and manage large, complex Identity and Access Management programs in the area of Privileged Access Management. The individual will ensure adherence to policy and provide leadership to the implementation of leading-edge technology to position the organization for success - improving efficiency, increasing security posture, and supporting growth of the firm's Identity and Access Management (IAM) Program.

What you'll do:

• Work as PAM engineer for One Identity suite of products for the IAM team to build, execute & deploy account and session management solution
• Duties include customer consultation and providing guidance and direction to consumers and support teams
• Build the technical as-is and to-be process documents.
• Review polices standards, guidelines, and procedures.
• Work with SOX/PCI audit group, support audit activities.
• Work closely with IAM Engineering to deliver the proposed solutions and provide strategic technical direction across the team
• Work closely with peer groups to achieve Organizational objectives
• Overall accountability for technical document delivery, technical support, and hands on technical work
• Oversee adherence to applicable Security Controls, Policies and Standards; partner with business owners and technology groups to synchronize plans to remediate gaps
• Contribute to secrets infrastructure design, including provisioning, distribution, scaling access policies, SSH key management, API key management, and reporting.
• Design, configure, and maintain secrets solutions for storage, machine auth, infrastructure components, cloud native product, applications, databases, cloud services (SaaS).
• Strong knowledge of Agile Scrum principles and practices
• Ability to lead and facilitate Scrum ceremonies

What you have

• Bachelor's degree or equivalent experience
• 8+ years' experience in Information Security field, Information Technology field
• Direct experience working within One Identity Suite of products OR Privileged Access Management technologies
• Experience on major projects or activities like upgrades, migration, enhancements, customizations, security remediations, etc., on One Identity Safeguard
• Experience with PAM Operational tasks - Defining Access Control, User Entitlements, Manage Applications Credentials, User Access Policy Management
• Experience with developing Rest API's
• 8+ years' experience in Java, J2EE, Python, Perl Scripts or any other programing language
• Experience with multiple LDAP user repositories
• Ability to effectively communicate with technical and non-technical audiences, both oral and written skills are required
• Experience in gathering requirements, documenting, and assessing information for implementing information security policies and standards is required
• Strong interpersonal, analytical, problem-solving, influencing, prioritization, decision-making and conflict resolution skills
• Strong initiative; self-starter; self-directed; ability to multi-task
• Certification in Agile methodologies, like Certified Scrum Master (CSM) or Professional Scrum Master (PSM).
• SAFe certification and Kanban certification are a plus.
• Ability to work collaboratively with cross-functional teams.
• Prior knowledge of Agile project management tools, such as Jira.
• Bachelor's degree in Computer Science or a related field plus CISSP, CISM, or equivalent certification is preferred

In addition to the salary range, this role is also eligible for bonus or incentive opportunities.