Role: Cloud Identity and Security Architect
Duration: 12 months+
Ideally, the candidate has Salesforce CRM and Cloud technologies experience with knowledge around Identity and access management, cloud network security, data protection and some audit monitoring and log analysis tools experience. However, candidates with a solid technical architecture and development background in Java, .NET and integration will also be considered. The candidate must be able to lead technical architectural sessions, produce requirements and technical architecture documents, and be hands-on implementing where required.
· Understanding of Salesforce CRM architecture and how a SAAS tool work.
· Develop standards and policy for IAM/PAM programs around Salesforce CRM
· Plan and prioritize new application onboardings and access certifications, integrations.
· Works with technology and business owners to fully onboard applications that integrate with Salesforce from IAM, security, data protection and log monitoring perspectives.
· Develop and monitor a set of KPIs to measure the overall health of the Salesforce CRM
· Experience with Access Management platforms (e.g. Okta, Azure Identity)
· Knowledge of Information Security Standards and Frameworks - Knowledge of common information security standards such as: ISO 27001/27002, NIST CSF, FEDRAMP, CSA and CIS Controls.
· Document and maintain strategic objectives, threats, maturity improvements, imperatives, projected benefits, dependencies, projected effort and other relevant information for roadmap initiatives and project prioritization.
· Establish and maintain a Corporate Information Security metrics framework, data and reporting platform.
· Enhance secure behavior by design efforts.
· Ability to automate detection, log monitoring and response across a variety of platforms.
· Ability to communicate and collaborate across subject areas (e.g. engineering, legal, policy)
· Building alerting pipelines on DLP events and Implementing DLP controls.
· Bachelor's degree and a minimum of 8 years of related experience or an equivalent combination of education and experience.
· Wide-ranging expertise integrating diverse Salesforce clouds and information/directory systems with homegrown solutions.
· High level experience with the force.com platform, Marketing cloud, Integration Cloud etc;
· Hands-on experience with web single sign-on solutions, especially SAML and OpenID Connect, with specific experience with the Shibboleth Identity Provider.
· Knowledge and experience with directory services such as OpenLDAP and Active Directory.
· Understanding of multifactor authentication with OATH OTP tokens, U2F/WebAuthn/FIDO2, and PKI/smart cards.
· Deep understanding of web protocols, especially web session handling.
· Working knowledge of relational database management systems such as Oracle, MS SQL Server, and MySQL.
· Ability to network and collaborate with key contacts outside your own area of expertise.
· Excellent troubleshooting skills with the ability to work on and resolve complex technical issues in creative and effective ways. Desired Qualifications:
· Advanced degree in electronics Engineering, Computer Science, Computer Systems Technology, or a related field.
· Previous experience in a research environment or a customer service delivery organization desirable.