Multi Factor Authentication (MFA) Lead Engineer
Role Overview:
In this role as a Multi Factor Authentication (MFA) Lead Engineer, you will be responsible for the overall strategy, planning, development & support of TransUnion’s MFA solution and its associated processes. The individual in this role will provide overall implementation and direction into the MFA and IAM functions across the organization, including areas such as federation, access management, authentication & authorization, security and provisioning identity data. The Lead MFA Engineer will work closely with Cyber Security, service desk, systems engineering, network security, audit, application developers and other administrators in creating functional, scalable and secure MFA operations as well as the design and development of new business applications. She/he will also be responsible for identifying, evaluating and participating in decision making around new and emerging IAM/MFA technologies and should be able to support other areas of Information Security as needed.
- Lead MFA engineering strategy and execution, which includes setting direction for engineering efforts, driving technology selection (Including buy vs build decision) and being actively involved as the functional technical leader during implementation.
- Demonstrate an advanced understanding of troubleshooting and configuring applications, MFA endpoints, and API integrations.
- Expert level experience with multifactor authentication solutions and smartcard technologies.
- Serve as the subject matter expert in *nix authentication and authorization capabilities.
- Participate in installing, upgrading, configuring and evaluating new MFA products including mobile and biometrics.
- Provide expert level security consultation on internal projects focusing on business needs, security’s role in change management, and how data is transmitted internally and externally.
- Evaluate and monitor project efforts, timelines, and task management. Partner with internal business units to ensure projects remain on target, within budget, and are completed according to internal policies and security standards
- Delegate tasks to ensure areas of the project are carried through timely and effectively
- Act as functional leader of engineering team, drive to establishing a strong engineering culture, and mentor and coach junior engineers.
- 7+ years' Information Security experience with at least 3 of those years focused on RSA SecureID or other multi-factor authentication solutions (Duo, SecureAuth, Ping ,OAAM etc.)
- Extensive experience with securing, hardening, and maintaining systems with Multi factor capabilities like Duo security, Yubikey or RSA SecureID
- Strong understanding on MFA constructs within Cloud environments
- Very good understanding and demonstrated use of DevOps tools (e.g. Jenkins, Ansible, Vault) with CICD capabilities.
- Expert level experience with databases, LDAP and directory services, application servers, operating systems and network infrastructure.
- Solid technical background in J2EE and vendor based applications.
- Automation experience with Ansible play books and programming languages like Java, Perl, Python or Powershell scripting.
- Ability to solve complex problems while effectively communicating technical concepts.
- Ability to learn and apply new technologies quickly. Eagerness to learn new things.
- Working knowledge of various security tools.
- Additional Requirements:
- Degree in Computer Science and/or related degree
- Hands on experience and working knowledge of security tools and concepts
- Ability to effectively prioritize and execute tasks in a fast paced environment
- Experience architecting IAM/MFA solutions within Microsoft Azure, Amazon Web Services (AWS) and, preferably, other cloud providers.
- Experience with administration or implementation in AWS public cloud and on-prem private cloud technologies.
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, veteran status, marital status, citizenship status, sexual orientation, gender identity or any other characteristic protected by law.