Technology advancements are helping organizations to deliver un-parallel user experience and value creation. The convergence of physical and digital world is leading to connected ecosystem that creates exponential number of interactions and data/information exchange. While cloud, data analytics and IIoT technologies bring huge opportunity, it also pushes relevance of cyber security to whole new level and demands the integration and orchestration of people, processes, and technologies to meet trusted digital transformation.
Mirion is a leader in radiation safety, measurement, and science. Built on 60 years of experience, Mirion solutions play critical role in nuclear energy, medial and defense sector. Being part of Critical National Infrastructure ecosystem, Mirion is committed to bring best of cyber security to operate as "Trusted Enterprise" and delivery Solutions that are "Secure-by-Design".
Mirion is looking for motivated, experienced, and expert cyber defenders. As part of corporate cyber security team and reporting to Chief Information Security Officer (CISO), the Enterprise Identity & Data Security Architect shall perform responsibilities and have qualification, experience and expertise as described below:
Position Responsibilities:
Define the enterprise wide IAM and Data Security strategy addressing the needs of global IT operations, Operational Technologies (OT - factories / sites) and Connected Products - IIoT solution being offered by Mirion in focused industry verticals.
Act as an IAM subject matter expert addressing different aspects of the solution - Identity, Authentication, Authorization, Access-Control and Life-cycle Management.
Act as a Data Security subject matter expert addressing confidentiality, integrity, and privacy requirements.
Define IAM and Data Security policies, governance model and industry standards adoption.
Design technical architecture and operational processes to implement Identity and Data Security solutions. A coherent, reusable, reliable and phased architecture to help the business grow and change while aligning to strategic vision.
Drive adoption of IAM and Data Security controls globally (IT and OT/IIoT) and with different division's Connected Products offering to Mirion customers.
Keep track of emerging security threats, technology trends and maintain agile solution framework that can align to growing need of organization while offering resilient cyber security control.
Work with partner organization to manage IAM and Data Security operations. Operate in-scope cyber security controls at highest assurance level.
Identify the white space to implement most cost-effective means of achieving organizational goals.
Be champion of cyber security discipline and participate/offer user training, educational sessions to internal / external users.
Qualification Required
10+ years of experience as security engineer/architect - must have worked on large enterprise wide IAM and Data security policy, process, and technology implementation.
Industry recognized certifications are a plus - e.g., CISSP, SSCP, SANS GSEC, ECSA or similar
In-Depth knowledge of Identity and Access management:
designing and onboarding processes related to identity management from the business and technical perspective (e.g., identity enrollment, provisioning, credential management, federation, requesting access and entitlement, accountability of entitlements)
design and implement solution using - AD/LDAP, OAuth, OpenID, SAML, Kerberos, SCIM, SPML, XACML | WebAuthN, FIDO, U2F, TOTP, HOTP
deep expertise in Azure-AD architecture design (B2B/B2C), SSO, federation, delegated administration, privilege-access-management, 2FA/MFA, Password-less authentication.
data security - encryption/decryption (at-rest and in-transit), run-time system integrity check, message signing, data obfuscation / pseudonymization, tokenization, dynamic access control and data loss prevention (DLP)
Bachelor's degree in Engineering or related field
Other Skills Requirement:
Strong understanding of security products and vendors, relevant technologies and trends, and industry standards.
Demonstrated experience in gathering and transforming business requirements into a comprehensive technology solution definition.
Strong team player - work with internal and external stakeholder to solve problems and actively incorporate input from various sources.
Excellent communication skills and collaborative working style. Strong critical thinking and analytical skills and ability to think "out of the box" required.
Willing to travel
Qualifications
BehaviorsLoyal - Shows firm and constant support to a cause Team Player - Works well as a member of a group EducationBachelors of Engineering (required) Experiencedata security - encryption/decryption (at-rest and in-transit), run-time system integrity check, message signing, data obfuscation / pseudonymization, tokenization, dynamic access control and data loss prevention (DLP) (required) Crypto, key-management & PKI technology - Hash, Symmetric / Asymmetric encryption | RSA, ECC crypto | X.509 Cert-Life-Cycle-Management, Code-signing etc. (required) In-depth knowledge of NIST SP 800-53, NIST SP 800-63, NIST SP 800-171, NIST SP 800-57, NIST SP 800-175, GDPR (required) Industry recognized certifications are a plus - e.g., CISSP, SSCP, SANS GSEC, ECSA or similar (preferred) 10 years: security engineer/architect - must have worked on large enterprise wide IAM and Data security policy, process, and technology implementation (required)
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)