IAM Authentication Engineer

at  Smithfield Foods

IF YOU ARE CURRENTLY EMPLOYED AT SMITHFIELD, PLEASE LOG INTO WORKDAY AND SUBMIT YOUR APPLICATION THROUGH THE JOBS HUB.

A great job-and a great future-awaits you at Smithfield Foods. We are an American food company with a leading position in packaged meats and fresh pork products. We’re looking for motivated people who want to join our team and grow lasting and meaningful careers with us. Apply Now!

QUALIFICATIONS

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals to perform the essential functions .

• Bachelor’s degree from an accredited four-year college or university in IT, Cybersecurity, Computer Science or related field and 5+ years’ relevant experience; or equivalent combination of education and experience, required.
• CISSP, CISM or equivalent security certification preferred.
• 5+ years of Active Directory management and security preferred.
• Deep understanding and experience in implementing MFA, Federation and SSO with Okta.
• Experience in using PowerShell and Unix Shell Scripting
• Experience with “defense-in-depth” and “defense-in-breadth” principles and technology.
• Understanding of frameworks such as NIST CSF, NIST SP 800-53, ISO 27001.
• Experience working in a multinational company with complex integrated environments in Information Technology (IT).
• Experience in Operations Technology (OT) desired.
• Broad and deep knowledge of business, technology/IT and cybersecurity technologies and approaches.
• Ability to leverage industry best practices and previous experiences while remaining creative and innovative.
• Proven ability to work effectively as both a self-driven, autonomous remote individual contributor and on a diverse team of engineers.
• Advanced documentation, organization, prioritization, and analytical skills.
• Ability to handle proprietary and sensitive information in a confidential manner.
• Proven ability to execute multiple tasks efficiently and effectively using tools and/or processes.
• Ability to be respectful, approachable and team oriented while building positive working relationships in matrixed environments.

Additional Desired Skills

• Experience in MS Azure/AWS security and protection technologies.
• Familiarity with Windows and Linux internals.
• Experience with PKI, Certificate Management and VPN.
• Familiarity with OWASP TOP 10 vulnerabilities, SANS 25, MITRE and CWEs.
• Familiarity with relational databases and SQL.

CORE RESPONSIBILITIES

• Serves as a key advisor to the Sr Director of Identity and Access Management (IAM) and regularly meets with the IAM Team to review and advise on best practices in directory, authentication, federation and single sign-on (SSO) requirements and work programs.
• Works closely with application teams in implementing MFA, Federation and SSO solutions.
• Works closely with business units, partners, IT infrastructure and application teams to gather and implement directory and authentication requirements to secure access to IT assets, applications, cloud services and third-party services.
• Administers directory and authentication solutions, including but not limited to Active Directory (AD), Azure Active Directory (AAD), Okta, and Centrify.
• Uses a threat-based, intelligence-led approach and collaboration inside and outside the security team to continuously assess existing capabilities and identify future requirements for directory and authentication services.
• Collaborates with other cybersecurity engineers and analysts in the IT and OT organizations to manage security threats and response capabilities.
• Coordinates with Human Resources (HR) in onboarding and offboarding workforce activities and establishing authoritative sources for identities.
• Manages multiple AD domains and forests and engages with other Infrastructure groups as necessary to support the AD environment.
• Develops, reviews, and maintains a backlog of strategic and tactical AD initiatives to reduce risk, increase usability and operational effectiveness.
• Writes and reviews Active Directory policies, standards, and processes across the company to support business, strategic, security and regulatory needs.
• Creates and enforces password and authentication policies.
• Leads and provides guidance on authentication projects. Project management includes prioritization of activities, defining objectives, milestones, writing project status reports and ensuring overall successful on-time implementation and deployment.
• Maintains technical expertise, relevant industry standards and best practices as assigned in authentication technologies such as:
• Active Directory and Azure Active Directory, LDAP, Okta, Kerberos, RADIUS
• Federation, SSO
• SAML, OAuth, OIDC, PKI

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals to perform the essential functions .

• Bachelor’s degree from an accredited four-year college or university in IT, Cybersecurity, Computer Science or related field and 5+ years’ relevant experience; or equivalent combination of education and experience, required.
• CISSP, CISM or equivalent security certification preferred.
• 5+ years of Active Directory management and security preferred.
• Deep understanding and experience in implementing MFA, Federation and SSO with Okta.
• Experience in using PowerShell and Unix Shell Scripting
• Experience with “defense-in-depth” and “defense-in-breadth” principles and technology.
• Understanding of frameworks such as NIST CSF, NIST SP 800-53, ISO 27001.
• Experience working in a multinational company with complex integrated environments in Information Technology (IT).
• Experience in Operations Technology (OT) desired.
• Broad and deep knowledge of business, technology/IT and cybersecurity technologies and approaches.
• Ability to leverage industry best practices and previous experiences while remaining creative and innovative.
• Proven ability to work effectively as both a self-driven, autonomous remote individual contributor and on a diverse team of engineers.
• Advanced documentation, organization, prioritization, and analytical skills.
• Ability to handle proprietary and sensitive information in a confidential manner.
• Proven ability to execute multiple tasks efficiently and effectively using tools and/or processes.
• Ability to be respectful, approachable and team oriented while building positive working relationships in matrixed environments