Chapter Lead Engineer, Authentication Services

Job Description

A highly skilled Information Security Director/Chapter lead in Authentication to lead our Engineering team and fast-paced environment that will help to strengthen the Authentication Services and enable competitive capabilities. This Role will be responsible for the Multifactor Authentication (MFA) covering Single Sign On (SSO), Two factor and PUSH notification, Virtual Directory Federated Services and Desktop MFA for Passwordless platforms. Also, capabilities build in technologies supporting Cloud Authentication Management, KONG API integration. The Director/ lead will support, mentor, and guide the respective Solution Architects, Engineers and Developers within Authentication Services. The successful candidate will provide the leadership to an SRE team as well as Automation and Tooling team for successfully execution of the strategy in transforming Project to Operations, including monitoring incident response, building and monitoring solutions in production, ensuring service resiliency, and reducing repetitive manual tasks

• Develop an enterprise strategy and roadmap for scalable, robust, and performant Multi-Factor Authentication (MFA) platform solutions.
• Oversee the architecture, Engineering and design of solutions for the enterprise in a large and distributed environment.
• Lead Engineering, planning, and hands-on delivery of the enterprise-level program.
• Work across internal and external teams to document and share the best practices for employees and contractors.
• Ensure overall IT strategy and architecture plans and standards are translated into IAM service programs, methods, and technologies and alignment with industry-leading IAM practices.
• Provide leadership and hands-on guidance to internal IAM Team.
• Develop, maintain, monitor, and publish appropriate performance statistics and impact metrics.
• Troubleshoot and resolve complex technical problems impacting other teams using OUD, SSO, DJ ForgeRock, AM ForgeRock, Secret Double Octopus (SDO), API and Cloud IAM solutions.
• Develop and maintain documentation, with the focus on self-service, for IAM Architecture process and procedures.
• Ability to provide clearly complex information security IAM risks and technical requirements, into business digestible language.
• deep fluency with Identity & Directory platforms and authentication technologies such as ForgeRock, SDO, OUD, SAML, LDAP, LAPS, SCIM, OAuth, Microsoft Active Directory, KONG and AWS Architecture.
• A passion for solving problems and delivering high-quality, performant Privileged Identity solutions.
• Champion DevOps innovations by introducing better tools and agile practices
• Work collaboratively as a member of a Team to build and develop technical Identity and Access Management solutions
• Responsible for Development, Testing, and Implementing identity management (policy service) solutions using ForgeRock, Secret Double Octopus and Access Management products.
• Technical understanding of CASB and SASE.
• An understanding of access control concepts including directory services, SAML, LDAP, PKI.
• Hands-on experience in a variety of SRE languages and tools including Ansible, Maven, Gradle, Dynatrace Managed, AppDynamics/ Prometheus, Grafana, ServiceNow, GitHub, Slack, Elastic, Kibana and Jenkins.
• Software engineer experience with production class delivery, strong analytical mindset, communication skills, and sense of ownership / drive (SRE, DevOps, Cloud, IAM)
• Intermediate experience in a variety of environments including Cloud, distributed and mainframe, business workflows and services/APIs, databases
• Extensive experience in business analysis, documentation, and user access review.
• Skilled in project management best practices, tools, and techniques.
• Excellent verbal and written skills and be comfortable presenting ideas and issues to different levels within and outside of the organization, including leadership, customers, auditors, etc.
• Demonstrated track-record for building and leading exceptional teams through collaboration, mentoring, skill training and transition of technologies and processes as technologies and compliance requirements evolve.
• Skilled in managing and mentoring remote teams.
• Industry recognized certification in security (e.g., CISSP, CISM, CEH, CISA, AWS Architect, TOGAF etc.)
• Preferred Skills:
• Experience developing role-based access control strategy and production implementation.
• Agile Leankit or Jira tools. Familiarity with Kanban and other agile methodologies.
• Develop and maintain integrations and connectors for IAM/PAM solution.
• Proficiency with Rest APIs and Native SDKs.
• Developing and maintaining process automation scripts for onboarding and reporting.

Regulatory & Business Conduct

• Display exemplary conduct and live by the Group s Values and Code of Conduct.
• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
• Lead the engineering hive to achieve the outcomes set out in the Bank s Conduct Principles.
• Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.

Key Stakeholders

• Program managers
• Project Managers
• PMO
• Production Support
• Service Management

Our Ideal Candidate

• Bachelor s degree in information technology, engineering, computer science, related field or equivalent experience.
• Minimum 15+ years experience in Information Security Technology, preferably in Banking and Financial services sector;
• Authentication capability for cloud-based applications and infrastructure.
• Ability to think strategically, balancing long and short-term priorities.
• Experience working in Azure, GCP and AWS.
• Must have at least 5+ years experience on Build & Implementation experience with IAM products like ForgeRock, Secret Double Octopus
• Must have a clear understanding of the concepts of Identity Management on Authentication mechanising.
• Candidate must have an understanding of industry best practices for access and authentication protocols and access governance (logging, monitoring etc.)
• Java, Node JS, GO Lang, REST/API, JASON, SAML, SOQ, WEBLogic, Oracle. Strong IAM Knowledge with MFA.
• Desired, DeveOps, Jenkins, BitBocket AWS or Azure
• Expertise in Java, J2EE software development and deployment
• Expertise in API based, REST, SAML, SOA, WebLogic (or a competitive product)
• Working knowledge of Scripting like Shell, JASON
• Very well known to MS SQL and must be able to optimise the complex queries
• Must have knowledge on Performance testing indicators
• Expertise in troubleshooting complex technical issues
• Ability to design and implement workflow rule-based provisioning solutions to meet complex business requirements.
• Experience in performance tuning, configuration, support, and troubleshooting.
• Excellent written, oral communication and reporting skills.
• Strong presentation skills with an excellent standard of English
• Strong problem solving and analytical skills with a troubleshooting mindset

,

Keyskills :
javacustomer relationslinuxautomationms sqlit strategyaccess controlproblem solvingactive directorycomputer sciencebusiness analysisanalytical skillsaccess management