Grainger
North America's leading B2B supplier of maintenance, repair and operating supplies and related services.
Chicago, IL

IAM Security Domain Architect

Sorry, this job was removed at 2:55 p.m. (CST) on Friday, January 18, 2019
Find out who's hiring in North Suburbs.
See all Cybersecurity + IT jobs in North Suburbs
Apply
By clicking Apply Now you agree to share your profile information with the hiring company.

Job Title:Domain Architect

This individual is responsible for design and development of new security solutions, Tier III Support, SDLC, product life cycle, forensics and investigations, IT & Application penetration testing, documentation, and RCA’s. The individual will facilitate and gather requirements from our customers and provide security solutions to meet their needs while aligning with Grainger strategies, policies, standards, guidelines, and procedures.

  • Actively protects the integrity and confidentiality of Grainger information assets while enabling business functionality in all systems and environments by implementing and supporting applicable security solutions
  • Serve as an SME in all areas of Identity Access Management; Provide subject matter expertise for Architecture, Planning and Roadmap sessions
  • Engineer solutions to ensure Payment Card Industry (PCI-DSS) and Sarbanes-Oxley (SOX) Compliance
  • Works to ensure projects are completed on budget
  • Provide Expert access troubleshooting and production support as needed in all systems across the enterprise especially related to Active Directory, IAM, Privileged ID Management, and SAML technologies
  • Partner and execute complex changes in the Security Landscape based on results from analysis received from Internal Controls & Compliance, Internal Audit, External Audit and other functions as deemed appropriate
  • Supports departmental and corporate goals by meeting key performance indicators and defined metrics
  • Fully support and follow Change Management processes and procedures
  • Resolve and troubleshoot incidents and which have been escalated from Analysts and Engineers professionally within established SLAs, with accurate communication to the appropriate parties 
  • Anticipate customer needs and proactively identify solutions
  • When necessary, escalate appropriately to the internal support teams and/or vendor per established escalation procedures.
  • Perform daily / weekly administrative tasks and special assignments as required
  • Serve as a backup to Engineer II in all areas and as a back up to supervisor.
  • Identify and lead large and complex Continuous Improvement projects seeking opportunities to more effectively address team processes and customer needs. Guide team members on less complex Continuous Improvement Opportunities.
  • Review and provide guidance to Analyst and Engineers on knowledgebase articles.
  • Serving as a technical escalation resource to Engineer II team members
  • Support the SOX Compliance processes by providing leadership and support to Analysts and Engineers. Recommend and lead implementation of new functionality to enhance compliance processes. Ensure SOX controls are followed and effective.
  • Demonstrates an advanced understanding of troubleshooting and configuring Drivers, Privileged ID Management, and SAML SSO integrations.
  • Has an advanced understanding of enterprise workflows enabling them to perform advanced troubleshooting and create advanced workflows.
  • Ensure documentation is completed and training occurs prior to production acceptance, follows SDLC processes and procedures, completing required project documents
  • Highlight any individual or team training / knowledge gaps that may exist and work with management to address/resolve
  • Building, releasing and importing Identity Access related changes.
  • Lead large projects, manage and train team members assigned to projects, with little to no direction.
  • Participate in internal training sessions, Lead training sessions for the entire team
  • Coaching and serving as a technical escalation resource to team members and groups in or outside the department on all Identity Access related technical issues.
  • Develop secure, workable solutions aligned with business objectives.
  • Engineer solutions to ensure Payment Card Industry (PCI-DSS) and Sarbanes-Oxley (SOX) Compliance
  • Document solutions engineered to be handed off to Analysts, Engineers, Engineer IIs and support organizations. Review and contribute to documentation created by Engineer IIs. Serve as an SME in all areas; Provide subject matter expertise for Architecture, Planning and Roadmap sessions
  • Understanding of Cloud solution best practices and integration techniques
  • Facilitate the gathering of security requirements/specifications specific to Remote Connectivity (intra and intercompany), Internet facing solutions, eCommerce, Mobility, etc
  • Lead efforts for selection of vendors, devices and tools and provide input to management. Active in existing vendor management, including renegotiation and annual true-up processes.
  • Researches, evaluates, designs, tests, recommends and plans the implementation of new or updated information security technologies
  • Lead in forensic investigations using standard tools and procedures to provide data to Legal, HR and Management
  • Perform Root Cause analysis on incidents engaging proper SMEs for assistance
  • Follow SDLC processes and procedures with the ability to perform code review and analysis.
  • Lead security project implementation from conception, design, testing and implementation.
  • Serve as a mentor to Engineers.
  • Lead and participate in, as required, analyzing, developing, and implementing large or complex Identity security solutions, as requested by business and process team partners.

Education:

  • Bachelor’s degree in Information Systems or related degree, or equivalent job experience. 

    Experience:

  • 7+ years of experience or training in Identity systems security fundamentals design, implementation and troubleshooting across all computer platforms.
  • 7 or more years required of combined IT and security work experience with a broad exposure to infrastructure/network and multi-platform environments.
  • Expert understanding of Identity technologies and understanding of integration of applications within a distributed environment
  • Expert understanding of certificate based authentication and certificate
  • management (e.g. SSL and PKI)
  • Expert understanding of position based security model within the HR Org and distribution throughout the enterprise
  • Expert understanding of Risk and Compliance framework, regulatory compliance (Sarbanes-Oxley (SOX) and PCI-DSS)
  • Experience in implementation and management of security access systems within the enterprise and in the cloud (e.g. Federation, SAML, etc.)
  • Demonstrates an expert understanding of how security access systems integrate across the enterprise
  • Any of the following are highly preferred: CISSP, CRISC, CISM or CCIE Security
  • Ability to quickly learn, become competent in, and effectively apply new skills
  • Ability to independently and effectively prioritize and execute tasks in a complex environment for self and team members
  • Knowledge and ability to teach/mentor an Engineer II provides regular knowledge transfer to team members
  • Experienced in leading large security access system upgrades/projects
  • Ability to add/change and provision roles and tasks in an IAM environment via standard business applications.
  • Demonstrates an advanced understanding of how an IDA system integrates with SAP.
  • Experience writing, executing and troubleshooting advanced Power shell scripts.
  • Has an advanced understanding of an IAM environment and related technologies, including Active Directory and SAP
  • Advanced Experience in supporting identity access applications.
  • Ability to troubleshoot user account and directory object issues throughout the IAM environment including Privileged ID Management, Active directory, and SAML environment.
  • Demonstrates an advanced understanding of troubleshooting and configuring the IAM landscape including Privileged ID Management and SAMIL SSO integrations.
  • Has an advanced understanding of enterprise workflows enabling them to perform basic troubleshooting and create basic workflows.
  • Experience and hands-on working knowledge with a variety of Security tools including but not limited to Identity and Access Management, LDAP, Active Directory, forensics software, and security incident response.
  • Highly self-motivated with strong attention to detail
  • Strong verbal and written communication skills
  • Strong presentation skills
  • Very strong analytical and problem-solving skills

“Grainger is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, gender identity, sexual orientation, disability, or protected veteran status.”

See More
Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.

What are Grainger Perks + Benefits

Grainger Benefits Overview

With benefits starting day one, Grainger is committed to your safety, health and wellbeing. Our benefits provide a wide range of programs and resources for nearly every aspect of the full life you and your family lead – supporting your life today and in the future.

Some benefits are provided automatically, while others are offered at reduced group rates. Whatever you need, you’ve got this because you’ve got Grainger. Visit GraingerTotalRewards.com for a complete picture.

Culture
Volunteer in local community
Partners with nonprofits
Open door policy
Employee resource groups
Employee-led culture committees
Quarterly engagement surveys
Hybrid work model
In-person all-hands meetings
Employee awards
Flexible work schedule
Remote work program
Diversity
Dedicated diversity and inclusion staff
Highly diverse management team
Mandated unconscious bias training
Diversity manifesto
Diversity employee resource groups
Team members connect in, African American, Asian-Pacific Islander, Disability, Equality Alliance, Generational, Latino, Veterans and Women's Business Resource Groups.
Hiring practices that promote diversity
Diversity recruitment program
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability insurance
Dental insurance
Vision insurance
Health insurance
Life insurance
Pet insurance
Wellness programs
Mental health benefits
Transgender health care benefits
Abortion travel benefits
Financial & Retirement
401(K)
Team members can contribute up to 75% of pay up IRS limits on a pre- or post-tax basis. Your contributions are always 100% vested.
401(K) matching
Grainger automatically contributes 6% of your eligible pay into your retirement savings plan account each pay period. This contribution is always 100% vested.
Employee stock purchase plan
You are eligible to participate in Grainger's ESPP once you have completed at least 90 days of service and are regular full-time or regular part-time, scheduled to work at least 20 hours a week.
Performance bonus
Charitable contribution matching
For every $1 a team member donates to charity, Grainger amplifies that impact with a $3 matched donation.
Child Care & Parental Leave Benefits
Generous parental leave
Family medical leave
Adoption Assistance
Grainger supports team members and their families who are in the process of adopting by reimbursing up to $6,000 per adoption for eligible expenses.
Return-to-work program post parental leave
Fertility benefits
Vacation & Time Off Benefits
Generous PTO
Paid volunteer time
Paid holidays
Flexible time off
Bereavement leave benefits
Office Perks
Commuter benefits
Company-sponsored outings
Free snacks and drinks
Beverages and coffee on demand in our downtown locations.
Onsite office parking
We offer employees discounted parking rates at our Chicago office locations.
Relocation assistance
Mother's room
Onsite gym
Professional Development Benefits
Job training & conferences
Tuition reimbursement
Our tuition reimbursement plan covers the first $5,250 per year towards a degree program. Amounts that exceed $5,250 are reimbursed at 50% and there is no program maximum.
Lunch and learns
Promote from within
Mentorship program
Continuing education available during work hours
Online course subscriptions available
Customized development tracks
Paid industry certifications
Personal development training

More Jobs at Grainger

Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.
Learn more about GraingerFind similar jobs like this