As IAM Senior Engineer (PKI) you will be part of the Secure Access Engineering Global Team. Formed by twenty-six professional, distributed around the globe and with a variety of background and expertise within the Security and Identity & Access Management area.We face with complex issues and needs, where analysis of situations or data requires an in-depth evaluation of variable factors, including technology dependencies, inter-organizational impact and systems thinking approaches.
You will contribute and technically lead challenging projects which require deep technical knowledge and infrastructure engineering skills. You will be accountable and responsible for decision-making in technical design, build and testing, in the context of the projects/activities to which you will be assigned. In doing so, you will exercise sound judgment, balanced with effective consultative engagement of key stakeholders, in the methods and techniques chosen to obtain the desired results.
You will have the required skills, experience and depth of knowledge to be able to influence significantly both IAM vendor product selections and improvements.
Your main responsibilities would be
To lead and contribute to the end-to-end design of infrastructure solutions and the creation and maintenance of related component standards
To produce and maintain sufficient documentation for the designs, design patterns, and component standards created or maintained
To interact with senior internal and external partners on significant technical matters as they relate to prioritized objectives
To strengthen the overall Engineering community by building bridges and collaborating with Principal Engineers, Senior Engineers, Engineers and Associate Engineers in other infrastructure solution areas
To contribute to determining success criteria and evaluation of promising solutions/technologies via Proofs of Concept (PoCs) and feasibility studies across two or more areas within their infrastructure solution area, as they relate to meeting Roche’s business needs
To architect (as solution architect), design, build, test, and implement (first-time deployments) integrated, resilient and reliable solutions in multiple solution areas
To lead small-to-medium sized technical teams for specific objectives in medium-to-large initiatives (projects, lifecycle work, Proofs of Concept, etc.) and to provide the expert guidance required to drive technical developments in these initiatives
To advise, influence, collaborate with, and integrate feedback from various IT partners including Enterprise Architects, Solution Owners, Component Owners and line-of-business stakeholders
To ensure designs and solutions in their respective infrastructure solution area align and adhere to the organization’s Technical Architecture Framework (TAF) policies, standards and directions
To map the technology roadmaps into portfolio projects/activities and to estimate resources, dependencies, risks, and timelines required to deliver these projects/activities successfully
To contribute to the efforts to estimate Engineering resources and timelines to deliver projects/activities successfully
To contribute to and/or write position papers, white papers, technical recommendations and best practices including use cases for their infrastructure solution space
To remain proactive and aware of operational challenges and opportunities and work with support team staff to resolve incidents and major incidents
To ensure solutions and components implemented comply Quality/Regulatory standards, as applicable
Design continuous integration best practices for the development team using Docker, Ansible, and Jenkins. Leverage Docker and Ansible playbook design for continuous deployment and continuous delivery and maintain responsibility for configuration management for infrastructure as code.
You will bring
At least 4 years experience of working in a multinational work environments (e.g. healthcare industry experience is a plus) as a Senior Engineer, fulfilling the role of Solution Architect or Technical Lead.
Must have in-depth expertise in developing, implementing and architecting security systems specifically for a large Global Enterprise including;
Experience working with PKI (Public Key InfrastructureEncryption) and Certificate Management
Knowledge of PKI governance best practices (e.g. Root Key Ceremony, Certificate Policy, etc.)
Experience/Knowledge of PKI Integration into Public Cloud environments
General cryptography knowledge: symmetric, asymmetric, RSA, AES, ECC, hashing, key management,internal PKI and external PKI
Knowledge on the main usages of digital certificates (encryption, code signing, user/device authentication, etc.)
Good understanding on key management/digital certificate practices around Microsoft PKI (Microsoft Active Directory Certificate Services), including hardening good practices.
It would be valuable if your bring;
Experience with HSM (hardware security module), knowledge of Gemalto/SafeNet products
Experience with a Registration Authority, knowledge of Keyf Factor Command
Experience with CyberArk, AWS Key Manager, AWS Certificate
Strong customer engagement and presentation skills with the ability to communicate across all levels (senior and/or large audiences)
Ability to work effectively with team members and virtual teams from different locations and different cultural background
Strong oral and written communication skills in English. German, Spanish or Chinese (Mandarin) are significant pluses
Proven project and time management skills
Moderate to extensive travel required and ability to work across multiple timezones, including some on-call and extended hours work, as required
One or more industry certifications in the respective infrastructure solution area(s) is highly desired