I am...

About the Team

Come join the Bose Product Cloud! We are a mature cloud platform that powers critical cloud experiences for millions of Bose products.

About the Role

At Bose, security and stability are the two pillars of our product cloud. As a Cloud Security Engineer, you will be an integral part of our cloud platform team, playing a central role in strengthening our cloud security foundations. You will also have the opportunity to enhance the cloud security program to meet higher level enterprise security objectives. As part of this engineering role, you will work closely with the service and infrastructure developers to embed security practices into every aspect of the development pipeline.

• Ensuring the security of the cloud infrastructure and services
• Improving vulnerability discovery and the patching process
• Writing microservices and scripts as needed to build security into our platform
• Streamlining secrets and credential management
• Implementing and managing the security tools and platforms
• Evaluating and deploying open-source tools for monitoring and security operations
• Aiding in anomaly detection, attack identification, mitigation, and forensics during security incidents
• Understanding the engineering aspect of developers' projects to expedite secure development
• Evangelize security principles, tooling and best practices
• Stay up-to-date on security news, relevant technologies, plug into user groups, understand trends and security opportunities

Required Qualifications

• Deep understanding of cloud infrastructure security, and software development principles
• Extensive experience developing and maintaining cloud microservices in Java, Python, Go, Ruby
• Experience with public cloud providers (AWS), containerization (Docker), and container orchestration (Kubernetes)
• Experience with security tools, methodologies and a strong eye for security best practices
• Passion for security developer productivity and experience automating developer pain points
• Experience implementing security tools automation through CI/CD pipelines, configuration management tools, using Jenkins, Groovy, and microservices
• Strong background in Linux/Unix administration and scripting
• Outstanding communication skills; demonstrated ability to explain complex technical issues to both technical and non-technical audience
• Understanding of Agile and other development processes and methodologies
• 5 or more years working in cloud security, software development, or network management
• Bachelor’s degree in computer science, or equivalent

Preferred Qualifications

• Experience with Kubernetes admission control tools such as OPA and Kyverno
• Experience writing Kubernetes Operators is desired

What you can expect at Bose

• Working on leading-edge technologies in cloud micro-services, big data, and IoT
• Competitive salary, benefits, 401k match and pension
• Easy commute right off Mass Pike
• A culture of excellence, respect, opportunity, and passion for innovation

Bose is an equal opportunity employer that is committed to inclusion and diversity. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status, or any other legally protected characteristics. For additional information, please review: (1) the EEO is the Law Poster (http://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf); and (2) its Supplements (http://www.dol.gov/ofccp/regs/compliance/posters/ofccpost.htm). Please note, the company's pay transparency is available at http://www.dol.gov/ofccp/pdf/EO13665_PrescribedNondiscriminationPostingLanguage_JRFQA508c.pdf. Bose is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the application or employment process, please send an e-mail to Wellbeing@bose.com and let us know the nature of your request and your contact information.

Our goal is to create an atmosphere where every candidate feels supported and empowered in the interviewing process. Diversity and inclusion are integral to our success, and we believe that providing reasonable accommodation is not only a legal obligation but also a fundamental aspect of our commitment to being an employer of choice. We recognize that individuals may have different needs and requirements based on their abilities, and we provide reasonable accommodations to ensure ideal conditions are met during the application process.

If you believe you need a reasonable accommodation, please send a note to wellbeing@bose.com

Job Purpose and Impact

The IAM Principal Engineer provides technical expertise on areas of authentication, authorization, access management, privileged access management, identity governance and administration, IAM modernization for humans and machines.

Company Overview

Cargill’s size and scale allows us to make a positive impact in the world. Our purpose is to nourish the world in a safe, responsible and sustainable way. We are a family company providing food, ingredients, agricultural solutions and industrial products that are vital for living. We connect farmers with markets so they can prosper. We connect customers with ingredients so they can make meals people love. And we connect families with daily essentials — from eggs to edible oils, salt to skincare, feed to alternative fuel. Our 160,000 colleagues, operating in 70 countries, make essential products that touch billions of lives each day. Join us and reach your higher purpose at Cargill.

• Provides advanced architecture and engineering support to automate and administrator identity and compliance requirements into all enterprise information systems.
• Executes identity management roadmaps and technology enhancements.
• Creates and maintains standards surrounding documentation related to identity processes, procedure and infrastructure.
• Assesses current applications and architecture to ensure current implementations align with identity-first security strategies, industry guidelines, best practices and management approved standards.
• Architects and plans for implementing directives in secure and frictionless manner.
• Assists various IT departments with design, implementation and troubleshooting of security technologies. Provide security guidance and requirements to technology teams when no solution is currently available
• Other duties as assigned

Minimum Qualifications

• Bachelor’s degree in computer science, information systems, cybersecurity, or a related field
• 6+ years of related work experience
• 6+ years of professional experience with identity technologies and concepts
• 6+ years of professional experience with directories, Single-Sign On (SSO), identity federation, privileged access management, automated life-cycle management
• Proven knowledge of security (preferred - CISSP, CISA, CISM)
• A deep understanding in application integration patterns and API-based access control

Preferred Qualifications

• Proven hands-on experience with developing/architecting solutions using two or more leading IAM Solution providers such as Azure Entra ID, Okta, Sailpoint, Saviynt, CyberArk, BeyondTrust
• Demonstrated experience with performance management and capacity planning for large scale enterprise applications
• Thorough understanding of modern enterprise architecture and hands-on experience with Enterprise Application frameworks
• Provide direction, delegating and removing obstacles to get work done
• Develop and deliver multimode communications that convey a clear understanding of the unique needs of different audiences
• Hold self and others accountable to meet commitments
• Excellent knowledge of MFA, risk based and adaptive access control and protocols such as OpenID Connect, SAML, OAuth 2.0 and SCIM
• Ability to translate business strategies and project portfolios into short and long-term architectural plans, detailed requirements, and models
• Strong understanding of risk management, disaster recovery, business continuity, IT security architecture, and IT regulatory compliance
• Ability to comprehend and leverage the functions and capabilities of new technologies
• Ability to create estimations of time and resource requirements for different activities and determine which activities can be completed in parallel and in sequence

Equal Opportunity Employer, including Disability/Vet.

General Description and Classification Standards

The Airport Information Technology Security Senior Manager is responsible for IT security policy enforcement and maintenance; design of security policy education, training, and awareness activities; monitoring compliance within the Department of Aviation and applicable laws; and coordinating investigation and reporting of security incidents. Monitor, assess, and fine-tune the IT business continuity and disaster recovery program, perform network penetration tests, application vulnerability assessment scans and risk assessment reviews.

Develop and monitor practices to ensure that the network and data is secured against unauthorized access, protected from inappropriate alteration, physically secure, and available to authorized users in a timely fashion. Duties include training in and dissemination of security policies and practices as well as developing strategies and plans to provide for timely business resumption in the event of a serious disruption. Applicants employed in this position will be required to work extra hours, as needed, and to be on-call for scheduled after-hour emergencies and respond to after-hours emergencies as needed.

Supervision Received

Direction received is very general and focuses on end results and is typically collaborative in nature. Position plans own work and project schedules and sequences.

• Monitor and advise on information security issues related to the systems and workflow at the DOA to ensure the internal security controls for the Aviation IT infrastructure is appropriate and operating as intended.
• Coordinate and execute IT security projects.
• Coordinate and execute IT security assessment audits and manage remediation.
• Coordinate response to information security incidents.
• Develop and publish Information Security policies, procedures, standards and guidelines based on knowledge of best practices and compliance requirements.
• Conduct data classification assessment and security audits and manage remediation plans.
• Collaborate with IT management, the legal department, safety and security, and law enforcement agencies to manage security vulnerabilities.
• Create, manage and maintain user security awareness.
• Conduct security research in keeping abreast of latest security issues.
• Prepare security notification, alerts and procedures for handling security incidents.
• Perform other related duties as assigned.
• Creating, testing and implementing network disaster recovery plans
• Performing risk assessments and testing of data processing systems
• Installing firewalls, data encryption and other security measures
• Recommending security enhancements and purchases
• Training staff on network and information security procedures

Decision Making

Decisions which you make:

• Implementation of process/procedures to improve job efficiency
• Implementation of solutions to enhance cyber resiliency reduce system downtime.
• Implementation of system maintenance to improve system performance and availability
• Design and development decisions

Minimum Qualifications - Education and Experience

• BA or BS in Computer Science, Management Information Systems, or related field.
• Five years of progressive management experience in computing and information security, including experience with Internet technology and security issues.
• Experience in aviation preferred.
• Experience should include security policy development; vulnerability management; cloud security; endpoint security; network access control; threat monitoring and intelligence; multi-factor authentication; vulnerability scanning; server hardening and CIS benchmark principles; penetration testing; security awareness; forensic analysis; networking principles and basic network flows; and defining and interpreting firewall rules.
• Knowledge of information security standards, rules and regulations related to information security and data confidentiality (e.g., NIST CSF, ISO27001, PCI, etc.) and desktop, server, application, database, network security principles for risk identification and analysis.
• Strong analytical and problem-solving skills.
• Excellent communication (oral, written, presentation), interpersonal and consultative skills.

Preferred Education & Experience

• CISSP, CISM, GIAC, or other security certifications desired.

Licensures and Certifications

• Valid Georgia driver’s license

Required physical, lifting, and sensory capabilities are requirements to perform the job successfully. Typical environmental conditions associated with job.

It is the policy of the City of Atlanta (“COA”) that qualified individuals with disabilities are not discriminated against because of their disabilities regarding job application procedures, hiring, and other terms and conditions of employment. It is further the policy of the COA to provide reasonable accommodations to qualified individuals with disabilities in all aspects of the employment process. The COA is prepared to modify or adjust the job application process or the job or work environment to make reasonable accommodations to the known physical or mental limitations of the applicant or employee to enable the applicant or employee to be considered for the position he or she desires, to perform the essential functions of the position in question, or to enjoy equal benefits and privileges of employment as are enjoyed by other similarly situated employees without disabilities, unless the accommodation will impose an undue hardship. If reasonable accommodation is needed, please contact the Human Resources Director for your department.

The City of Atlanta is an Equal Opportunity Employer and does not unlawfully discriminate on the basis of race, color, religion, age, disability, sex, sexual orientation, gender identity, marital status, veteran’s status or national origin, or any other basis prohibited by federal, state, or local law. We value and encourage diversity in our workforce.