The CBI Group
QVC is one of the world’s leading multimedia retailers, reaching millions of customers around the globe each day on-air, on-line, and through mobile. Information security is a priority for QVC. To advance the global security program, QVC is seeking a Sr. IT Security Engineer - Privileged Access and Certificate Management. This is a fast-paced, dynamic, and engaging environment, where we work together in a culture thriving on innovation and excellence. This position is based outside of Philadelphia at QVC Founders Park location in West Chester, PA.
QVC is seeking a Sr. Security Engineer to join the IT Global Information Security organization. In this exciting opportunity the selected candidate will be responsible for developing and supporting complex Identity and Access Management (IAM) systems and architecture initiatives by designing, coding, debugging, documenting and maintaining complex programs and systems. This role includes engineering and support aspects of the company’s Public Key Infrastructure (PKI) and certificate lifecycle management systems and processes.
This position requires customer-focused consulting on security-related topics pertaining to IAM technologies, controls, and standards. The use of encryption, key management and certificates for a wide variety of applications, platforms and operating systems. In addition, assists with defining, documenting, supporting and enforcing policies, processes and tools around certificate lifecycle management.
Essential Duties and Responsibilities:
• Identity and access management; (i.e. authentication methods, or provisioning, or entitlement management)
• Lead and participate in IAM projects
• Implement access control model, controls around shared access, manage applications credentials, User and password access policy
• Perform Privileged Access Reviews, Compliance Reporting, Access Control Processes and other associated tasks with Privileged User Management
• Provide architecture, design, implementation and process support as it pertains to the implementation of certificate and key management processes
• Leads in the design, testing and implementation of PKI infrastructures
• Serve as functional subject matter expert on using certificate-base authentication (two-factor authentication, mutual SSL, etc.) for endpoints and users
• Accountable for developing and communicating baseline security standards and policies as it pertains to Certificate management, key management, and encryption processes
• Provide leadership, guidance and technical expertise to project teams to ensure solutions are being designed and implemented in a manner that meets security policies and standards
• Partner with other QVC organizational units to define security requirements for new projects or changes to existing systems
• Assists in the Architectural and operational processes surrounding certificate management and key management in the enterprise
• Implement and execute processes and tooling required to support the life cycle of encryption and certificate management solutions
• Participate in defining and developing strategic plans for PKI and Certificate Lifecycle Management for the enterprise.
• Participate in diverse activities such as encryption policy configuration, key and certificate life-cycle management, certificate services configuration
• Ensure 24x7 uptime and monitoring of the PKI services.
• Provide consulting to all lines of business on security related topics pertaining to encryption and certificates
• Track, record and solve unique and complex problems that have a broad impact on the business
• Develops pioneering approaches to emerging industry trends
• Interface with vendors that provide security and encryption related services
• Bachelor’s Degree in Computer Science, Information Security or equivalent system security engineering experience.
• General Industry Standard Security certifications including: CISSP, CISA, CISM, CEH, SANS, GIAC
• Vendor related networking Certifications: CCSE, CCNA, CCNP, CCIE, or other CISCO Related certifications
• 5+ years of Information Security expertise in the following domains – PKI Infrastructure, Key and Certificate management
• 5 + years in the Identity and Access Management area with an emphasis on security with demonstrated increasing responsibility and breadth of knowledge
• Key management experience across the lifecycle of the certificate process in large enterprise organizations
• Experience configuring and managing Microsoft CA and Symantec Certificate Intelligence Center technologies
• Experience with cryptographic concepts including PKI, SSL, HSM, Smart cards, Symmetric/Asymmetric (Public/Private-PKI), subordinate CAs, cross-certification and certificate-based two-factor authentication
• Experience supporting multiple operating system including Windows Server and Linux/UNIX
• Knowledge of Active Directory and Group Policy and the integration points with PKI
• Experience in performing Privileged Account Management with fair understanding the underlying business processes
• Experience in implementing and integrating applications using CyberArk and Centrify
• Hands-on experience with the CyberArk and Centrify Identity Management products is required
• Ability to coordinate and support large and complex projects including product upgrades and deployment of new capabilities, tools and enhancements
• Strong interpersonal skills, ability to mentor/train staff and bring awareness to current and emerging threats
• Previously demonstrated ability to execute tactical activities while retaining a long-term strategic view
• Strong written and verbal communications skills with ability to present technical risks and issues to non-technical audiences