IAM Architect at Kroger Tech & Digital in Blue Ash, Ohio

Job Description:

Responsible for the planning, design and build of security architectures to ensure strong security posture, compliance with regulations, and safeguard customer s data. Manage information systems security, including disaster recovery, database protection, and software development. Demonstrate the company s core values of respect, honesty, integrity, diversity, inclusion and safety.

IAM (Identity Access Management) Architect role is on the CIS IAM Architecture and Governance team responsible for the strategy, design, and governance of the Kroger enterprise IAM program.From one tiny Cincinnati grocery store more than a century ago, we've grown into what today is the nation's largest grocer with nearly 2,800 stores in 35 states operating under 28 different names. As America's grocer, we take pride in bringing diverse teams with a passion for food and people together with one common purpose: To Feed the Human Spirit. With a history of innovation, we work tirelessly to create amazing experiences for our customers, communities AND each other, with food at the heart of it all.

Here, people matter. That's why we strive to provide the ingredients you need to create your own recipe for success at work and in life. We help feed your future by providing the value and care you need to grow. If you're caring, purpose-driven and hungry to learn, your potential is unlimited.

Whether you're seeking a part-time position or a new career path, we've got a fresh opportunity for you. Apply today to become part of our Kroger family!Minimum
- Bachelor's Degree computer science, information systems, or related technical field
- Any experience in one or more of the common languages (e.g., Perl, Python, Ruby, shell scripting)
- 8+ years of experience in a related security field
- Proven ability to design and build scalable, high volume, and low latency applications
- Advanced knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, BGP and other routing protocols)

-Expert in a minimum of two IAM areas, which includes Identity Governance and Administration (IGA), IAM Governance (IAM Policies and standards) Directory Services (Azure, AD, Oracle, dDirectory), Access Management (SSO Federations), Privilege Access Management (PAM).

-SME level of understanding of SAML, OAuth, OIDC, and header-based federations.

Desired
- Master's Degree computer science, information systems, or related technical field- Oversee Identity and Access management, cloud security, cryptography, logging and alerting, security operations, malware detection, incident response, vulnerability scanning, penetration testing, security architecture, and digital forensics
- Guide the implementation of network and computer security and ensures compliance with corporate cybersecurity policies and procedures
- Assist with the monitoring of all security systems and their corresponding or associated software, including firewalls, intrusion detection systems, cryptography systems, and anti-virus software
- Monitor server and firewall logs, scrutinize network traffic, establish and update vulnerability scans
- Analyze and resolve complex security breaches and vulnerability issues in a timely and accurate fashion, and conduct user activity audits where required
- Manage and ensure the security of databases and data transferred both internally and externally
- Oversee penetration testing of all systems in order to identify system vulnerabilities; design, implement, and report on security system and end user activity audits
- Develop new and modify existing security policies and procedures to maintain compliance
- Evaluate existing and recommend new and emerging security technologies
- Conduct research on emerging products, services, protocols, and standards in support of security enhancement and development efforts
- Communicate important updates with key stakeholders across the organization
- Coach and mentor other members of the security engineering team
- Must be able to perform the essential job functions of this position with or without reasonable accommodation

-PingOne, Ping Acces and Ping Federate experience including DaVinci

-Experience with multiple IGA providers such as SailPoint, EmpowerID, Saviynt, etc.

-Advise colleagues and lines of business on Identity best practices.

-Radiant Logic Architecture and Implementation