Full-time
Principal Engineer IAM - National Rural Electric Cooperative Association (NRECA) - Arlington, VA

Job detailsJob TypeFull-timeFull Job DescriptionJob Description
Position Summary:
Provides expert research, technical support, and guidance to lead architects, lead developers, lead technical staff and business owners to ensure that NRECA adequately safeguards its data and information systems based upon a detailed technical understanding across multiple security domains. Creates and implements, in collaboration within IT and with business areas, a foundation and framework of Identity & Access Management infrastructures, processes, methods and standards. Manages large scale Enterprise Identity Security initiatives and projects and contributes to any project requiring complex Application Security support.Essential Duties and Responsibilities: Establishes and implements Identity & Access Management security strategy and roadmap to reduce risk exposure of NRECA critical applications.Leads all application development teams in the integration of Identity & Access Management into development pipelines by proactively engaging development teams to identify vulnerabilities and develop security requirements.Acts as an ambassador and subject matter expert for Identity & Access Management security architecture and cybersecurity while engaging with other lead technical leaders throughout the organization in design and implementation of secure cloud enabled solutions.Manages large scale Enterprise Identity & Access Management initiatives and projects; and contributes as an Identity & Access Management Architect or an Identity Security Expert to any project requiring complex Security Expertise.Functions as a key member of the information security services team working with a wide variety of other technical groups within information technologyResearches and develops Identity & Access Management strategy IT prioritization Senior LeadershipEstablishes authentication and authorization security best practices for all development teams to follow.Interprets technical documentation to drive implementation of new technologies.Writes code for IAM component integration. i.e. Custom Application connectors, scripts, programs, etc.Architects and implements new Identity and Access Management systems for NRECA products, employees, and cooperative members.Drives roadmap, strategy, innovation for all aspects of IAM products including NRECA’s strategic cloud and mobile initiatives.Develops, tests, implements, supports and enhances NRECA’s “suite” of custom Enterprise Security Services such as IdentityProvider, Identification, RoleProvider, and Auditing API’s.Acts as a project resource on various business application development projects to promote secure software development and to ensure that proper security controls are included in the requirements, design, and implementation phases of the SDLC.Validates current- and future-state architectural models to assess impact across assigned Cybersecurity technology systems.Reviews solutions to ensure new and existing integrations are implemented to best practice and security standards.Drives intake and fulfillment of bugs, fixes, and enhancements.Provides subject matter expertise for supported security technologies and during escalations.Responsible for the proper security and disposal of any confidential information that he or she may possess in the course of performing this position’s job duties, in accordance with NRECA’s Personnel & Administrative Policy and HIPPA Privacy and Security Policies & Procedures Manuals.Qualifications
Formal Education Required:
Bachelor’s Degree in Computer Science, Information Systems, Systems and Technology, Business Administration, or related field. Master’s degree preferred.Experience and Certifications Required:
15+ plus years’ progressive experience in at least one of the following areas: application development, systems integration, risk management and/or identity and access management. Experience with a cloud provider(s) Amazon AWS, Microsoft Azure.In addition, 10+ plus years’ experience working with Application Development and Secure System Development Life Cycle (SDLC) methodologies, as well as ten years’ demonstrated experience as an application developer of medium to large-sized, complex technology initiatives.Experience with at least 2 of the following: Programming/scripting languages/tools (e.g. Java; Angular/JavaScript, C#; C++, ASP.NET), Windows Server Products and the C# programming language. Experience with continuous integration and continuous delivery (CI/CD) tools and test-driven development. Experience with Agile frameworks preferred.Technical certification such as Microsoft Certified Professional Developer (MCPD), Certified Information Systems Security Professional (CISSP). Cloud Architecture and/or Cloud Security Certifications (AWS, Azure, GCP) or Cloud Security Alliance (CCSP, CCSK) (ISC)2 or working towards these certifications.FLSA Status: ExemptKnowledge, Skills and Abilities Required ( as demonstrated by prior work experience ) : Knowledge with Angular/JavaScript.Knowledge of building and deploying RESTful APIs, HTTP, and web services.Knowledge of IAM protocols and specifications such as SAML, OpenID Connect, 2FA / MFA, OAuth 2.0, Graph API, Active Directory, LDAP and SCIMKnowledge of configuring, administering, and customizing Identity Management Solutions such as Microsoft Identity Manager (MIM/FIM/ILM/MIIS), or comparable Identity Management solution.Knowledge of IAM technology and related vendors, including the following: Okta, Ping, AD FS, PAM, Azure AD.Knowledge with a cloud provider(s) Amazon AWS, Microsoft Azure.Ability to understand, implement, and automate Identity & Access Management controls in Amazon AWS or other public cloud providers.Ability to define issues, establish facts and draw valid conclusions and apply to work environment.Ability to lead people and foster collaborative skills and consensus building while operating in a fast-moving environment as demonstrated by prior work experience.Interpersonal skills, member service orientation and ability to work in a team environment as demonstrated by prior work experience.Ability to communicate, both verbally and in writing, with a diverse membership, employees and/or vendors in a clear and precise manner.Ability to use Microsoft Office tools (Excel, Word, Outlook, Power Point) in the day-to-day essential duties of the job.Ability to operate various office equipment such as personal computer, copier, printer, fax machine or other job-related equipment.Ability to provide service excellence by building relationships, being resourceful, responsive and respectful.Essential Physical Requirements :The worker is required to have close visual acuity to perform an activity such as: preparing and analyzing data and figures; transcribing; viewing a computer terminal and extensive reading.Exerting up to 20 pounds of force occasionally, and/or up to 10 pounds of force frequently, and/or a negligible amount of force constantly to move objects. If the use of arm and/or leg controls requires exertion of forces greater than that for sedentary work and the worker sits most of the time, the job is rated for light work.Additional Requirement: The preceding job description has been written to reflect management’s assignment of essential functions. It does not prescribe or restrict the tasks that may be assigned. All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status.NRECA is committed to working with and providing reasonable accommodation to individuals with physical and mental disabilities. If you need special assistance or an accommodation while seeking employment, please e-mail humanresources@nreca.coop or call: 703-907-5992 - NRECA Arlington Human Resources. Please call 402-483-9275 - NRECA Lincoln Human Resources, for Lincoln, NE employment opportunities. We will make a determination on your request for reasonable accommodation on a case-by-case basis.EEO is the Law. The law requires NRECA to post a notice describing the Federal laws prohibiting job discrimination. For information regarding your legal rights and protections, please click on the following link: EEO is the Law and EEO is the Law Supplement .Pay Transparency Non-Discrimination. NRECA will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay. Please see the Pay Transparency Nondiscrimination Provision for more information.E-Verify. As a Federal Contractor, NRECA is required to participate in the E-Verify Program to confirm eligibility to work in the United States. For information please click on the following link: E-Verify .Job Type: Full-time

Apply for this job  or Save to My Jobs

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.