Security Engineer-Forgerock

Knutsford (Hybrid Working)

ASAP until end of September initially

£500p/d via Umbrella

Role Brief:

• 5+ years experience in Hands-on configuration, deployment and running ForgeRock COTS based IAM solutions (PingGateway, PingAM, PingIDM, PingDS) with Embedded security gates, HTTP Header Signing, Access Token encryption, and Data at rest encryption approaches.
• Hands-on configuration and integration with HSM and CSM tools, and certificate life cycle management, eg rotation, revocation, etc. Automating security workflows using GitLab CI/CD pipelines, AWS CLI and Chef. 10+ years experience in executing penetration testing, hands-on coding in at least one of the following: JavaScript, Java, Python.
• PKI based self-sovereign Identity experience is a plus

Primary Skills-

• Expertise in CIAM, ForgeRock stack (PingGateway, PingAM, PingIDM, PingDS) with certification or proof of completion of ForgeRock Deep-Dive 4xx training courses.
• Identifying, mitigating, and communicating security risks to executive leadership.
• Partnering with engineering, product, and CISO teams to embed security by design to the DevSecOps life cycle. Proactively defending against evolving cyber threats.
  
  Secondary Skills-
• Cloud Security: deep knowledge of AWS security controls, policies and automation, CLI tools.
  Role based and attribute based access control approaches, protocols and tools, PKI, HSMs, cryptographic protocols, and secure key life cycle management.
• Advanced threat modelling, SOC operations, and forensic analysis.
• Securing microservices, APIs, and DevSecOps integrations.
• Vulnerability scanning, tools, approaches, vulnerability patching and vendor management for security.
• Penetration testing approaches and tools, preparing, supporting, and managing penetration testing.