FICO (NYSE: FICO) is a leading global analytics software company, helping businesses in 100+ countries make better decisions.
Join our world-class team today and fulfill your career potential!
The Opportunity
The Identity Senior Engineer is a highly visible and critical role, collaborating on complex cloud and corporate service edge protection technologies and oversight.
With your proven history of technical knowledge of identity and access management systems and services you will be working on a variety of different challenges facing the organization.
You will provide both guidance and direct input to help ensure a secure, well-protected environment that complies with all applicable security standards.
- Director, Cyber Security.
What You’ll Contribute
In conjunction with our team and others, actively design and develop identity automation for a global enterprise composed of a diverse landscape of IDPs.
Working from a set of requirements, produce draft solution designs and initiate collaboration with stakeholders to refine the design to meet stakeholder expectations.
Assist with implementation of identity governance and administration (IGA) solutions for the company.
Create automated tooling to test identity systems to ensure detections work as designed.
Create automation to produce automated policy and posture collection and reporting, to allow for identity-specific proofs managed within Infrastructure as Code.
Create pipelines to deploy and manage IAM solutions and tooling.
Provide engineering and technical guidance for supporting the automation of interacting with security tools and services that support the IAM program within the company.
Keep current on emerging security technologies and tools and provide recommendations.
Support our compliance and certification initiatives and design with those in mind.
Collaborate with other engineers on design, analysis, architecture, implementation, security reviews and process enhancements.
What We’re Seeking
DevSecOps experience, the principles and responsibilities.
Proficiency in at least one high-level language (e.g., Python).
Experience with automation scripting and API integrations.
Familiarity with DevOps concepts, IaC tools, and CI/CD pipelines.
(e.g., Shell Scripting).
Experience with automation scripting and API integrations.
Familiarity with DevOps concepts, IaC tools, and CI/CD pipelines.
Terraform experience.
2-4 years of experience with privileged access management tools (CyberArk, SailPoint, Delinea, Clutch).
Experience with secrets management in CI/CD.
HashiCorp Vault experience.
CyberArk PAM experience.
AWS Identity (IAM, IDC) - intermediate level skills.
AzureEntra ID experience.
2-4 years in a security role, preferably in financial services or technology.
Solid collaborative skills working with architects, other engineers and the user community.
Expertise in security, identity, architecture, and design.
Hands-on experience with AWS, Azure, or other cloud platforms and IAM best practices.
Experience with Okta preferred.
Proficiency in identity-related technologies and protocols (LDAP, SAML, OAuth, OIDC).
Experience with identity provider services (Active Directory, AWS IAM, Okta).
Familiarity with Zero Trust security models (Zscaler, AWS networking).
Knowledge of Identity Governance Administration services.
Understanding of compliance frameworks (PCI-DSS, ISO 27001, NIST).
Certifications like CISSP, AWS Security Specialty, Azure SC-300, Kubernetes, etc.
a plus.
Our Offer to You
An inclusive culture strongly reflecting our core values: Act Like an Owner, Delight Our Customers and Earn the Respect of Others.
The opportunity to make an impact and develop professionally by leveraging your unique strengths and participating in valuable learning experiences.
Highly competitive compensation, benefits and rewards programs that encourage you to bring your best every day and be recognized for doing so.
An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie.
#LI-FS1
#LI-REMOTE