Build Your Career in Cybersecurity -
YOUR WAY

Job Purpose and Impact

The IAM Principal Engineer provides technical expertise on areas of authentication, authorization, access management, privileged access management, identity governance and administration, IAM modernization for humans and machines.

Company Overview

Cargill’s size and scale allows us to make a positive impact in the world. Our purpose is to nourish the world in a safe, responsible and sustainable way. We are a family company providing food, ingredients, agricultural solutions and industrial products that are vital for living. We connect farmers with markets so they can prosper. We connect customers with ingredients so they can make meals people love. And we connect families with daily essentials — from eggs to edible oils, salt to skincare, feed to alternative fuel. Our 160,000 colleagues, operating in 70 countries, make essential products that touch billions of lives each day. Join us and reach your higher purpose at Cargill.

• Provides advanced architecture and engineering support to automate and administrator identity and compliance requirements into all enterprise information systems.
• Executes identity management roadmaps and technology enhancements.
• Creates and maintains standards surrounding documentation related to identity processes, procedure and infrastructure.
• Assesses current applications and architecture to ensure current implementations align with identity-first security strategies, industry guidelines, best practices and management approved standards.
• Architects and plans for implementing directives in secure and frictionless manner.
• Assists various IT departments with design, implementation and troubleshooting of security technologies. Provide security guidance and requirements to technology teams when no solution is currently available
• Other duties as assigned

Minimum Qualifications

• Bachelor’s degree in computer science, information systems, cybersecurity, or a related field
• 6+ years of related work experience
• 6+ years of professional experience with identity technologies and concepts
• 6+ years of professional experience with directories, Single-Sign On (SSO), identity federation, privileged access management, automated life-cycle management
• Proven knowledge of security (preferred - CISSP, CISA, CISM)
• A deep understanding in application integration patterns and API-based access control

Preferred Qualifications

• Proven hands-on experience with developing/architecting solutions using two or more leading IAM Solution providers such as Azure Entra ID, Okta, Sailpoint, Saviynt, CyberArk, BeyondTrust
• Demonstrated experience with performance management and capacity planning for large scale enterprise applications
• Thorough understanding of modern enterprise architecture and hands-on experience with Enterprise Application frameworks
• Provide direction, delegating and removing obstacles to get work done
• Develop and deliver multimode communications that convey a clear understanding of the unique needs of different audiences
• Hold self and others accountable to meet commitments
• Excellent knowledge of MFA, risk based and adaptive access control and protocols such as OpenID Connect, SAML, OAuth 2.0 and SCIM
• Ability to translate business strategies and project portfolios into short and long-term architectural plans, detailed requirements, and models
• Strong understanding of risk management, disaster recovery, business continuity, IT security architecture, and IT regulatory compliance
• Ability to comprehend and leverage the functions and capabilities of new technologies
• Ability to create estimations of time and resource requirements for different activities and determine which activities can be completed in parallel and in sequence

Equal Opportunity Employer, including Disability/Vet.

General Description and Classification Standards

The Airport Information Technology Security Senior Manager is responsible for IT security policy enforcement and maintenance; design of security policy education, training, and awareness activities; monitoring compliance within the Department of Aviation and applicable laws; and coordinating investigation and reporting of security incidents. Monitor, assess, and fine-tune the IT business continuity and disaster recovery program, perform network penetration tests, application vulnerability assessment scans and risk assessment reviews.

Develop and monitor practices to ensure that the network and data is secured against unauthorized access, protected from inappropriate alteration, physically secure, and available to authorized users in a timely fashion. Duties include training in and dissemination of security policies and practices as well as developing strategies and plans to provide for timely business resumption in the event of a serious disruption. Applicants employed in this position will be required to work extra hours, as needed, and to be on-call for scheduled after-hour emergencies and respond to after-hours emergencies as needed.

Supervision Received

Direction received is very general and focuses on end results and is typically collaborative in nature. Position plans own work and project schedules and sequences.

• Monitor and advise on information security issues related to the systems and workflow at the DOA to ensure the internal security controls for the Aviation IT infrastructure is appropriate and operating as intended.
• Coordinate and execute IT security projects.
• Coordinate and execute IT security assessment audits and manage remediation.
• Coordinate response to information security incidents.
• Develop and publish Information Security policies, procedures, standards and guidelines based on knowledge of best practices and compliance requirements.
• Conduct data classification assessment and security audits and manage remediation plans.
• Collaborate with IT management, the legal department, safety and security, and law enforcement agencies to manage security vulnerabilities.
• Create, manage and maintain user security awareness.
• Conduct security research in keeping abreast of latest security issues.
• Prepare security notification, alerts and procedures for handling security incidents.
• Perform other related duties as assigned.
• Creating, testing and implementing network disaster recovery plans
• Performing risk assessments and testing of data processing systems
• Installing firewalls, data encryption and other security measures
• Recommending security enhancements and purchases
• Training staff on network and information security procedures

Decision Making

Decisions which you make:

• Implementation of process/procedures to improve job efficiency
• Implementation of solutions to enhance cyber resiliency reduce system downtime.
• Implementation of system maintenance to improve system performance and availability
• Design and development decisions

Minimum Qualifications - Education and Experience

• BA or BS in Computer Science, Management Information Systems, or related field.
• Five years of progressive management experience in computing and information security, including experience with Internet technology and security issues.
• Experience in aviation preferred.
• Experience should include security policy development; vulnerability management; cloud security; endpoint security; network access control; threat monitoring and intelligence; multi-factor authentication; vulnerability scanning; server hardening and CIS benchmark principles; penetration testing; security awareness; forensic analysis; networking principles and basic network flows; and defining and interpreting firewall rules.
• Knowledge of information security standards, rules and regulations related to information security and data confidentiality (e.g., NIST CSF, ISO27001, PCI, etc.) and desktop, server, application, database, network security principles for risk identification and analysis.
• Strong analytical and problem-solving skills.
• Excellent communication (oral, written, presentation), interpersonal and consultative skills.

Preferred Education & Experience

• CISSP, CISM, GIAC, or other security certifications desired.

Licensures and Certifications

• Valid Georgia driver’s license

Required physical, lifting, and sensory capabilities are requirements to perform the job successfully. Typical environmental conditions associated with job.

It is the policy of the City of Atlanta (“COA”) that qualified individuals with disabilities are not discriminated against because of their disabilities regarding job application procedures, hiring, and other terms and conditions of employment. It is further the policy of the COA to provide reasonable accommodations to qualified individuals with disabilities in all aspects of the employment process. The COA is prepared to modify or adjust the job application process or the job or work environment to make reasonable accommodations to the known physical or mental limitations of the applicant or employee to enable the applicant or employee to be considered for the position he or she desires, to perform the essential functions of the position in question, or to enjoy equal benefits and privileges of employment as are enjoyed by other similarly situated employees without disabilities, unless the accommodation will impose an undue hardship. If reasonable accommodation is needed, please contact the Human Resources Director for your department.

The City of Atlanta is an Equal Opportunity Employer and does not unlawfully discriminate on the basis of race, color, religion, age, disability, sex, sexual orientation, gender identity, marital status, veteran’s status or national origin, or any other basis prohibited by federal, state, or local law. We value and encourage diversity in our workforce.

Job Summary

This role supports the Comcast Business Enterprise Solutions teams and the

PCI-as-a-Service delivery to customers. Responsible for incorporating

operational and compliance monitoring of security controls and policies, review

of security logs, reconciling security events, escalation of security violations or

lack of timely remediation, risk assessment and risk management principles.

Implements strategies and maintains subject matter expertise on industry best

practices, particularly PCI. Ensures continuous measurement and communication of required metrics. Integrates knowledge of business and functional priorities.

Company Overview

Comcast Business offers a suite of Connectivity, Communications, Networking, Cybersecurity, Wireless, and Managed Solutions to help global organizations of all sizes prepare for what’s next. Powered by the nation’s largest Gig-speed broadband network and backed by 24/7 customer support, Comcast Business is the nation’s largest technology provider to small businesses and one of the leading service providers to the Enterprise market. Comcast Business has been consistently recognized by industry analysts and associations as a leader and innovator, and one of the fastest growing providers of Ethernet services.

• Manage day to day operations and service level agreements from the 3rd party security vendor to meet customer obligations.
• Coordinate the deployment of agents within client environment and work with client and 3rd party security vendor to configure the agent for monitoring of sensitive files and folders and ensure centralized reporting.
• Ensure continuous compliance of controls (e.g. agents continue to report-in, device log health, etc.)
• Review daily log file reports from 3rd party security vendor and highlight potential errors or anomalies. Investigate and escalate issues to relevant information security, technology, operations team within Comcast for Comcast managed devices, or escalate to client for devices outside of Comcast managed services scope.
• Review or conduct internal vulnerability scans for new rogue devices or failed scans. Escalate to relevant information security, technology, operations team within Comcast for Comcast managed devices, or escalate to client for devices outside of Comcast managed services scope. Launch or work with 3rd party security vendor to launch maintenance scans to ensure passing scans. Summarize status, findings and trends to internal and external leadership.
• Review monthly external monthly vulnerability scans. Escalate to relevant information security, technology, operations team within Comcast for Comcast managed devices, or escalate to client for devices outside of Comcast managed services scope. Launch or work with 3rd party security vendor to launch maintenance scans to ensure passing scans. Summarize status, findings and trends to internal and external leadership.
• Coordinate annual internal and external penetration tests with client and 3rd party security vendor. Escalate to relevant information security, technology, operations team within Comcast for Comcast managed devices, or escalate to client for devices outside of Comcast managed services scope. Launch or work with 3rd party security vendor to launch maintenance scans to ensure passing scans. Summarize status, findings and trends to internal and external leadership.
• Work directly with customers to understand and resolve issues, building strong client relationships; Translate complex technical issues into simple terms for customers.; Communicate confidently with customers or internal team members (e.g., sales, product, engineering, project, and development teams) to ensure customer satisfaction.
• Coordinate annual Self-Assessment Questionnaire (SAQ) PCI-DSS requirement with clients and 3rd party security vendor. Provide on-demand SAQ portal support to clients in coordination with 3rd party security vendor. Report status, findings and trends to internal and external leadership.
• Coordinate system accessibility for Comcast and Client, and ensure access is appropriate and managed.
• Create or contribute to the development of policies and procedures related to assigned information security processes. Develops consistent and repeatable processes to support day to day operations and meet service levels. Develops, publishes, and communicates operating procedures and guidelines along, with any relevant policies and standard to support the assigned information security processes.
• Compile metrics for key processes to allow for accurate status reporting and trending to assist in review of current processes and identify areas for performance/continuous improvement.
• Regular, consistent and punctual attendance. Must be able to work nights and weekends, variable schedule(s) as necessary.
• Other duties and responsibilities as assigned.
• Ability to travel up to approximately 15% (Domestic USA)

Required Qualifications:

• Hands-on experience with the remediation of security vulnerabilities
• Excellent written and verbal communication skills
• High level of attention to detail when working with various data formats, ensuring data integrity throughout the process.
• Ability to consume large amounts of data in various forms and have proficiency in data collection, processing, and analysis using tools such as Excel, custom tools, and other data analytics platforms.
• Ability to analyze large data sets for trends, inconsistencies and insights, and translating them into actionable recommendations.
• Excellent problem-solving and troubleshooting skills, including experience diagnosing, troubleshooting, and resolving issues efficiently (e.g. performing/tracking RCAs and identifying/ resolving bottlenecks.
• Expertise in advanced Excel functionalities (e.g., VLOOKUPs, Pivots, complex formulas) and the ability to write scripts (e.g., Python, VB) to automate repetitive tasks is a plus
• Organizational skills to manage status, documentation and updates across various stakeholders
• Must take PCI DSS certification within first 6 months of employment. Familiarity with other security/industry standards (e.g., NIST, CVSSv3, OWASP etc.)

Preferred Qualifications:

• Bachelor's Degree
• CISA, CISM, CISSP, ISA, or PCIP certifications
• 5-7 years of relevant work experience

About Our Perks & Benefits:

We are determined to create an environment where our employees feel valued, understand our business goals, and are motivated.

Here's a look at just some of the perks and benefits we make available to our US-based employees:

• Medical & Dental
• 401(k) Savings Plan
• Generous paid time off
• Life Milestones - from adoption assistance, childcare resources, pet insurance, and more, Comcast supports you at all life stages.
• Courtesy Services - We offer all of our full-time employees in serviceable areas free digital TV and internet.
• Discount tickets for Universal Resorts, including theme park tickets and onsite hotel rooms.

Learn more at jobs.comcast.com/life-at-comcast/benefits

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, perform essential job functions, and receive other benefits and privileges of employment. Please contact us to request an accommodation.

Disclaimer:

This position is unable to provide work authorization sponsorship or immigration support now or in the future.

This information has been designed to indicate the general nature and level of work performed by employees in this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications.

Comcast is an EOE/Veterans/Disabled/LGBT employer.

Compensation

National Pay Range: $67,344.96 USD-$157,839.75 USD

Comcast intends to offer the selected candidate base pay dependent on job-related, non-discriminatory factors such as experience. Base pay is one part of the Total Rewards that Comcast provides to compensate and recognize employees for their work. Most sales positions are eligible for a Commission under the terms of an applicable plan, while most non-sales positions are eligible for a Bonus. Additionally, Comcast provides best-in-class Benefits to eligible employees. We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. That’s why we provide an array of options, expert guidance and always-on tools, that are personalized to meet the needs of your reality – to help support you physically, financially and emotionally through the big milestones and in your everyday life. Please visit the compensation and benefits summary on our careers site for more details.

The application window is 30 days from the date job is posted, unless the number of applicants requires it to close sooner or later.

Comcast is proud to be an equal opportunity workplace. We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information, or any other basis protected by applicable law. Comcast will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law, including the Los Angeles Fair Chance Initiative for Hiring Ordinance and the San Francisco Fair Chance Ordinance.