Systems Engineer II - InfoSec//Access
Pleasanton, CA

Job Description

As a part of our technology organization, you will have the opportunity to build next generation solutions that will transform the way our customers interact with our family of iconic brands. Our team employs a DevOps model, allowing our product teams to have full ownership of design, build and operate with immense scale. From distributed computing, to artificial intelligence, mobile, big data and cloud computing, you will have the opportunity to build a career that allows you to make an impact all while learning new technical and leadership skills. We are inspired by new challenges and push ourselves to create what's next in this dynamic industry. Come join this diverse team and grow with us.

GapTech InfoSec is looking to hire a Security Engineer (SSO) to lead its Access Management Program. The SSO Engineer will be joining the Identity and Access Management group and will design, develop, implement, support and build adoption for the Access Management program. This position provides a great opportunity for a mid-level engineer to be part of a team of experienced engineers in a fast paced, dynamic environment and hone their skills in one of the hottest areas within Information Security.

* Understand existing authentication and federation ecosystems
* Design Access Management solutions for ongoing business requirements and be hands-on to drive the implementation process.
* Work closely with Architects, Application owners, Product managers to drive SSO-enablement of applications
* Deliver SSO Federation (SAML/OAuth/OpenID-Connect) solutions for internal applications and externally-hosted SaaS applications
* Work with vendors and third parties to evaluate new products, features and solutions
* Work with App teams to assist with delivery of fine-grained authorizations
* Lead meetings with internal stakeholders across IT and the business
* Work closely with IAM, Network, Data Protection and Product Security team members to ensure the best solution is delivered in a timely manner
* Develop and maintain SSO artifacts (strategy, decisions, solution design, etc.)
* Continuously assess current environment and make necessary improvements to align with future state architecture.
* Experience in PingFederate, TAM or similar SSO products
* Experience with integrating using Kerberos, OAuth, OpenID Connect
* Experience in Multi-Factor Authentication (MFA) - soft/hard token solutions, OTP, PKI/Certificates, Web Servers (Apache, Tomcat, Weblogic, JBoss, IIS)
* Experience working on large, cross functional, globally distributed and complex projects
* Ability to deliver results, requiring minimal guidance
* Ability to communicate ideas effectively to team members
* Ability to multi task, change focus based on prioritization, work in a high-pressure, fast-moving environment
* Good written and verbal communication skills.
* Ability to influence the strategy in the SSO and Access Management space by consistently comparing current processes with regulatory requirements and current industry best practices


* Bachelor degree in Computer Science/engineering or equivalent
* Security certifications: CISSP, CISM, CISA, CEH, etc. preferred


* 8 years' experience in Information Security
* 5 years' experience in managing Single Sign-On (SSO) environments, SSO Federation (SAML) both as an IDP and SP
* 5 years of development skills (.NET, Java, Web services, scripting)