Principal Cyber Security Architect - Identity

October 15

Apply Now

Receive Emails with Similar Jobs

GE

WebsiteLinkedInAll Job Openings

Oil & Gas • Healthcare • Intelligent Platforms • Renewable Energy • Transportation

10,000+

Description

• Architect and Design Security Solutions: Develop and lead the implementation of security architectures focusing on IAM, Cloud Security (AWS, Azure, GCP, OCI), Zero Trust principles, and ABAC/PBAC access control models. • Ensure secure integration of IAM and access control solutions with on-premise, cloud, and hybrid environments. • Develop comprehensive security frameworks, including detailed security policies and procedures aligned with business requirements. • Identity and Access Management (IAM): Oversee the design, deployment, and maintenance of scalable IAM systems including SSO (Single Sign-On), MFA (Multi-Factor Authentication), Privilege Access Management (PAM), and User Lifecycle Management. • Lead efforts to implement and optimize ABAC and PBAC models to ensure granular and context-aware access management across diverse applications and systems. • Assess and improve current IAM frameworks, incorporating advanced access control mechanisms to strengthen security across digital platforms. • Zero Trust Security Model: Lead the development and implementation of a Zero Trust architecture, minimizing risks and enhancing the organization’s ability to protect assets in distributed and cloud-native environments. • Integrate ABAC and PBAC within a Zero Trust framework to ensure continuous verification and enforcement of least privilege access. • Cloud Security: Design and implement cloud security solutions for IaaS, PaaS, and SaaS environments, ensuring compliance with corporate security policies and external regulatory requirements. • Develop, review, and maintain cloud security configurations to optimize security postures across multiple cloud platforms, incorporating ABAC/PBAC for fine-grained cloud access controls. • Governance, Risk, and Compliance (GRC): Collaborate with the security governance and compliance teams to ensure that IAM and cloud security initiatives, including ABAC/PBAC, comply with relevant industry standards (e.g., ISO 27001, NIST, CIS, GDPR, SOC 2). • Lead security assessments, audits, and penetration testing to identify and mitigate vulnerabilities within cloud and identity systems, with particular focus on access control models. • Advanced Access Control (ABAC/PBAC): Design and implement Attribute-Based Access Control (ABAC) solutions, leveraging user attributes and contextual data to enforce dynamic access controls. • Architect Policy-Based Access Control (PBAC) frameworks, defining and applying detailed access control policies to ensure precise control over user permissions. • Continuously evaluate and refine ABAC and PBAC strategies to align with evolving business needs and emerging security challenges. • Innovation and Leadership: Serve as a thought leader in cybersecurity architecture, staying informed about emerging trends, technologies, and threats in IAM, cloud security, ABAC/PBAC, and Zero Trust models. • Mentor and guide junior team members, building a highly skilled and motivated security architecture team. • Engage with senior leadership to communicate risk, define security roadmaps, and align security strategies with overall business objectives.

Requirements

• Education: Bachelor’s or Master’s degree in Computer Science, Cybersecurity, Information Systems, or a related field. • Experience: 10+ years of experience in cybersecurity architecture, with a focus on IAM, Cloud Security, Zero Trust methodologies, and advanced access control models (ABAC/PBAC). • Hands-on experience architecting IAM systems and deploying ABAC and PBAC frameworks. • Strong expertise in AWS, Azure, and/or GCP security models and best practices. • Certifications: Relevant certifications such as CISSP, CISM, CCSP, AWS Certified Security – Specialty, Azure Security Engineer Associate, or similar. • Skills: Deep knowledge of Identity Governance and Administration (IGA) and access control models such as RBAC, ABAC, and PBAC. • Expertise in identity federation protocols (SAML, OAuth, OpenID) and modern IAM solutions. • Strong understanding of security standards and regulations (ISO, NIST, GDPR). • Proficiency in scripting and automation tools (Python, PowerShell, etc.). • Excellent problem-solving, analytical, and communication skills.

Benefits

• Healthcare benefits include medical, dental, vision, and prescription drug coverage. • Access to a Health Coach, a 24/7 nurse-based resource. • Access to the Employee Assistance Program, providing 24/7 confidential assessment, counseling, and referral services. • Retirement benefits include the GE Retirement Savings Plan, a tax-advantaged 401(k) savings opportunity with company matching contributions and company retirement contributions. • Access to Fidelity resources and planning consultants. • Other benefits include tuition assistance, adoption assistance, paid parental leave, disability insurance, life insurance, and paid time-off for vacation or illness.