Sr Identity & Access MGMT Engineer
Discovery CommunicationsBellevue, WA
Full Time Job
This position will support Digital Platforms & Business Systems and assist with diverse information security efforts for Discovery’s continued growth in expandinging consumer experiences on digital platforms. Sr Identity & Access Mgmt Engineer will support implementation and auditing of cyber security requirements, and help align requirements with Digital Platforms.
The ideal candidate will be knowledgeable in agile software development methodologies as well as Secure Code best practices. Applicant should have experience collaborating with enterprise architects, application developers, consultants and vendors in a globally distributed environment. Candidate must have several years of hands-on experience with authentication solutions (SAML 2.0, SWA, OIDC, and JWT). Candidate will provide technical support for D2C teams implementing IDAM technologies and workflows across platforms, including D2C platforms, Discovery’s portfolio of apps and products including Motor Trend, PGA streaming services, and the Eurosport Player – Eurosport being the leading provider of locally relevant, premium sports and Home of the Olympic Games across Europe. In addition, candidate will work closely with the TVN Information Security team – TVN being Discovery’s leading broadcaster in Poland.
Candidate will report directly to the VP, Global Product Security (D2C) and will work collaboratively and effectively with Global Information Security, Digital, Broadcast, Business Systems and Infrastructure teams to deploy appropriate, risk-based safeguards and technical direction.
1. 24x7 on-call availability for Information Security issues across the globe
2. Develop and execute security assessment test plans, document and present results
3. Design, develop and maintain a comprehensive IDaaS solutions based on the Okta (identity and access management) platform
4. Have experience in identity access management, to include single sign on, identity federation, enterprise directory architecture and design, and resource provisioning; Okta preferred.
5. Demonstrate advanced understanding of business processes, internal control risk management, IT controls and related standards
6. Work collaboratively and proactively across the organization (e.g., Technical Architects/Leads, Product managers, Digital Media Program Teams, etc.) to support and remediate security gaps
7. Review Technical Architecture and Delivery for IDAM and other Client Delivery Platforms
8. Responsible to install, integrate and deploy IDAM products in client environments.
9. Work with the Identity Access Management team to continue making enhancement to the Identity Access Management program.
10. Work closely with development teams to perform User management, group management and Password management requests.
11. Create and maintain Identify Access Management metrics.
12. Document various system access for all Users to store in a centralized repository (CMBD)
13. Support efforts regarding audit findings, adherence to compliance and organizational change.
14. Responsible for working to resolve Okta system issues escalated within the service level agreement.
15. Ability to create, and modify CONOPS, and Standard Operating Procedure documents
16. Stay connected to emerging technologies/industry trends and apply them into operations and activities
* 5 years in large, international, Information Security teams
* 5 years working with Identity and Access Management platforms
* Fluent in Swedish, French, or Polish would be nice to have
* Broad knowledge of IT Security technologies, process, and techniques and a strong understanding of application security leading practices including OWASP and CWE.
* Experience deploying cybersecurity solutions in a public cloud environment (IaaS, PaaS, SaaS)
* Experience working with Agile development/Scrum methodologies, and incorporation of security requirements into SDLC (CI/CD) with product owners/managers
* Excellent knowledge of software and application design and architecture
* Strong Knowledge of TCP/IP, DNS, HTTP, HTTPS, VPN, SQL and other database technologies
* Experience with Unix/Linux and Windows operating systems in an Active Directory environment
* Experience with endpoint security and SIEM technologies, e.g., Carbon Black, QRadar
* Experience working in large global environments
* Excellent communication and presentation abilities with great attention to detail
* CISSP, CEH, GWEB, CWAPT, CASS, SCADA, CCSP, CSSLP, CISSP-ISSAP or OSCP certifications are highly desired
* Must have the legal right to work in the United States
bellevue, washington, blv, wa