Job Description
Sr. Security Engineer - Cryptography and Access Management page is loaded
Sr. Security Engineer - Cryptography and Access Management
Apply locations Toronto - Queen's Quay - Headquarters time type Full time posted on Posted 2 Days Ago job requisition id R-83327Job Description
The Information Security team is committed to delivering innovative cybersecurity solutions and services to the enterprise. Our global team is growing!!
We are looking for a Sr. Security Engineer to join us , with a focus on supporting our needs and capabilities across Private Key Infrastructure (PKI) and Privileged Access Management (PAM).
This role will lead all aspects of administration , operations and continuous advancement of Kraft Heinz enterprise cryptographic and access management cap abilities. You will work closely with the PKI and PAM program owners, IT and Business Partners, and other organizational partners to deliver on required program capabilit ies, program compliance requirements and program maturity targets .
Key r esponsibilities :
Perform day to day monitoring, management and maintenance of organization's PKI and PAM platforms, ensuring maximum platform capability, performance and health.
Maintain standards , playbooks and communications for management and maintenance of program capabilities and processes
Maintain technical documentation around architecture, configuration, management maintenance of core platforms, supporting tooling and other applicable technologies .
Lead , supervise and continuously optimize delivery and user experience of certificate lifecycle management processes , including request, approval, issuance , validation and revocation, to ensure continuous alignment with requirements and compliance with standards and processes .
Support the design, build and deployment of enterprise PKI systems and ensure PKI systems align with and enforce industry leading practices and NIST standards.
Manag e, supervise and continuous ly optimiz e delivery and user experience of privileged account lifecycle management processes, including provisioning, vaulting, rotation, changes, deprovisioning, and access reviews.
Lead cyclical and ad-hoc training and awareness programs around PKI and PAM capabilities and practices.
Collaborate with multi-functional teams to ensure flawless execution of security processes.
Design, plan and implement the integration of platforms with other security systems and applications.
Implement applicable policies, procedures, and standards to internal teams and collaborators.
Successfully communicate with internal engineering and operations teams to design, plan, implement, validate and memorialize changes to platform configuration, integrations and processes.
Partner with internal and external teams and product vendors to lead resol ution of issues with certificate s and certificate lifecycle, privileged access and access lifecycle , platform , platform integration s , and other issues as they arise .
Monitor, measure and communicate key program capabilities and metrics
Provide support for program audits to ensure alignment of practices to processes, and compliance of processes to requirements
Continuously evaluate and improve the capability of platforms to stay ahead of emerging threats.
Evaluate new tools, technologies and techniques to enhance the efficacy and efficiency of programs and capabilities.
Stay updated with , and communicate to program owners and key partners, changes and advancements to industry trends, standards , and regulatory requirements
Qualifications for this role include :
Advanced experience in cybersecurity, with at least three years of hands-on experience and expertise with encryption and identity and access management
Strong level of understanding of Enterprise PKI platforms and processes , including c ertificate enrollment protocols, automation , lifecycle , troubleshooting and resolution.
Strong level understanding of Enterprise PAM platforms and processes , including provisioning, vaulting, granular rights management , de- provisioning and verification processes , injection and secure access.
Strong level of understanding of enterprise directory services and group policies .
Strong level of understanding of authentication flows and mechanisms, including strong multi-factor authentication .
E xperience with scrip t ing in Python, shell and powershell .
Familiarity with security frameworks and standards (e.g., NIST CSF , ISO 27001).
Strong analytical and problem-solving skills.
Excellent communication and interpersonal skills.