Application Authentication: IAM

hace 4 meses


Bogotá Remoto, Colombia GSB A tiempo completo
Main Activities / Responsibilities:
● Generation of threat modeling analysis, security requirements and abuse cases for all
developments carried out in ADC.
● Analyze changes to existing software looking for security risks that can be implemented in the
coding process.
● Identify vulnerabilities in the source code and in the runtime application.
● Determine and advise on the recommended security controls required to remediate findings and
issues in an efficient and concise manner.
● Generate awareness campaigns to all stakeholders of the software process.
● Help developers to use secure coding practices, as well as resolve specific doubts about
vulnerabilities identified in the different testing scenarios.
● Align security solutions to Holcim methodologies and standards.
● Design, implement, and support the security model for general security solutions
● Develop and drive the implementation of security best practices and standards.
● Review requests for new systems or changes to existing systems and evaluate the impact to
security.
● Conduct pre-audits on security issues of concern, work with the user community on remediation;
conduct spot checks of user security to ensure compliance.
● Provide technical Support for security issues related to in-scope applications, infraestruture as
code and cloud services .
● Provide support to other colleagues in terms of technical/functional expertise with the assigned
business processes.
● Expert in Vulnerability Management tools like Qualys or Nessus .

Qualifications:
● Bachelor’s degree in Computer Science, Engineering, or related discipline with an IT focus.
● Certifications: CISSP, CISM, CISA, CRISC ITIL, CMMI, ISO 27001, GSEC, CSSLP.
● Ethical Hacking certifications desired.
● Secure coding certifications desired.

Required Experience:
● At least 4 years of experience in IT Security and development, delivering applications with a secure
focus, assessments and audits.
● Experience in fullstack development, object-oriented programming, microservices oriented
architecture, with knowledge in agile methodologies and DevOps model.

Desired Experience:
● Experience on secure development and ethical hacking.
● Experience with vulnerabilities and fixes for different languages (C, C#, Java, Javascript)

Soft skills:
● Experience coordinating and completing multiple tasks within established and changing deadlines.
● Excellent organizational, analytical, and independent problem solving skills.
● Demonstrated excellent oral and written communication skills necessary to interact effectively with
colleagues and with users of varying technological skill levels.
● Strong customer / end-user / client service orientation.
● Thrives working in a highly collaborative and team environment.
● Highly self-motivated and directed.
● Ability to provide 24/7 support to respond to critical incidents or business impacting project
deliverables.
● Keen attention to detail.
● Capability for problem solving, decision making, sound judgment, assertiveness.
● Ability to deal with difficult situations, unclear priorities and blocking stakeholders.
● Ability to work decisively under heavy workload considering the criticality, urgency and extended
work hours required to ensure availability of the service in accordance with service level
commitments.
● Ability to manage multi-cultural and multi-located teams.

Leadership skills:
● Lead by example on values and culture.
● A natural leader whose personality and communication skills instill a sense of credibility and trust.
● Able to coherently explain the proposed design and gain stakeholder buy-in to the proposed
solution.

Required skills:
● Authentication and Access Control Tools, Management and Administration.
● Application Security Architecture & Cloud Computing Concepts.
● Change & Security Configuration Audit and Control.
● Encryption Processes, Management and Administration.
● Experience in static and dynamic security testing (code review, vulnerability analysis, Ethical
Hacking)
● Knowledge in offensive security methodologies (OWASP, MASVS, OPENSAMM, CKC, etc).
Knowledge in tools such as OwaspZap, Burpsuite, Nessus, Service Manager, Git, Fortify, Codacy,
Sonarqube.
● Cost conscious and keeps a big picture perspective.

Desired skills:
● Knowledge in AWS cloud security.

Languages:
● English desired (written & spoken)
● Spanish required (written & spoken)

Benefits:
- Law benefits
- Courses and certifications

  • Bogotá - Remoto, Colombia GSB A tiempo completo

    Main Activities / Responsibilities: ● Generation of threat modeling analysis, security requirements and abuse cases for all developments carried out in ADC. ● Analyze changes to existing software looking for security risks that can be implemented in the coding process. ● Identify vulnerabilities in the source code and in the runtime application. ●...


  • Bogotá, Cundinamarca, Colombia GSB A tiempo completo

    Main Activities / Responsibilities: - Generation of threat modeling analysis, security requirements and abuse cases for all developments carried out in ADC. - Analyze changes to existing software looking for security risks that can be implemented in the coding process. - Determine and advise on the recommended security controls required to remediate...

  • Enterprise IAM Architect

    hace 3 semanas


    Bogotá, Bogotá D.E., Colombia J.S. Held A tiempo completo

    About the RoleWe are seeking a highly skilled Enterprise IAM Architect to join our dynamic IT team at J.S. Held. This is a unique opportunity for an entrepreneurial, highly driven individual with a well-rounded skill set to design, implement, and maintain Identity and Access Management (IAM) solutions.Key Responsibilities:Design and implement complex IAM...


  • Bogotá, Cundinamarca, Colombia GSB A tiempo completo

    Main Activities / Responsibilities: - Generation of threat modeling analysis, security requirements and abuse cases for all developments carried out in ADC. - Analyze changes to existing software looking for security risks that can be implemented in the coding process. - Determine and advise on the recommended security controls required to remediate...

  • IAM Engineer

    hace 1 semana


    Bogotá, Colombia Talan A tiempo completo

    Talan is an international advisory group on innovation and transformation through technology, with 5000 employees, and a turnover of 600M€. We offer our customers a continuum of services to support you at each key stage of your organization's transformation, with 4 main activities: CONSULTING in management and innovation: supporting business,...

  • Iam Engineer

    hace 3 meses


    Bogotá, Cundinamarca, Colombia Talan A tiempo completo

    **Descripción de la empresa** Talan is an international advisory group on innovation and transformation through technology, with 5000 employees, and a turnover of 600M€.** We offer our customers a continuum of services to support you at each key stage of your organization's transformation, with 4 main activities: - ** CONSULTING** in management and...


  • Bogotá, Colombia Emerging Tech, LLC A tiempo completo

    Job Summary: Support the EHRM-IO IAM team and provide Identity Management and analyst support. Reports to the Identity and Authentication Management workstream lead. Duties include but are not limited to: Support the development of the overarching strategy and project plans for Identity and other IAM components as required. Support partnerships and...


  • Bogotá, Cundinamarca, Colombia Scotiabank A tiempo completo

    **Requisition ID**: 212279 We are committed to investing in our employees and helping you continue your career at ScotiaTech. **Purpose** **_ The Team_** The Global Identity & Access Management organization is responsible for setting the strategy and roadmap for Identity and Access Management (IAM) and defining, delivering, operating and governing...


  • Bogotá, Colombia J.S. Held A tiempo completo

    Senior Identity and Access Management (IAM) Engineer Are you looking to join an organization that is growing and dynamic? What about a high-energy, collaborative environment that rewards hard work? J.S. Held is a global consulting firm that combines technical, scientific, financial, and strategic expertise to advise clients seeking to realize value and...


  • Bogotá, Colombia Cyber Crime A tiempo completo

    Senior Identity and Access Management (IAM) Engineer Are you looking to join an organization that is growing and dynamic? What about a high-energy, collaborative environment that rewards hard work? J.S. Held is a global consulting firm that combines technical, scientific, financial, and strategic expertise to advise clients seeking to realize value and...


  • Bogotá, Colombia Scotiabank A tiempo completo

    Requisition ID: 212279 We are committed to investing in our employees and helping you continue your career at ScotiaTech. Purpose The Team The Global Identity & Access Management organization is responsible for setting the strategy and roadmap for Identity and Access Management (IAM) and defining, delivering, operating and governing security...


  • Bogotá, Bogotá D.E., Colombia Talan A tiempo completo

    Talan, an international advisory group on innovation and transformation through technology, is seeking a skilled Cloud Security Architect to join our team. As a key member of our security team, you will play a crucial role in designing and implementing secure cloud-based solutions for our clients.About the RoleThis is a full-time position that offers a...


  • Bogotá - Remoto, Colombia GSB A tiempo completo

    About the RoleWe are seeking an experienced Application Security Specialist to join our team at GSB. In this role, you will be responsible for designing and implementing secure application architectures, ensuring the confidentiality, integrity, and availability of our cloud-based systems.Key ResponsibilitiesDevelop and maintain comprehensive security...


  • Bogotá, Bogotá D.E., Colombia J.S. Held LLC A tiempo completo

    Job Overview:We are seeking a highly skilled Identity Management Expert to join our dynamic IT team at J.S. Held LLC. As a key member of our Cyber Security team, you will be responsible for designing, implementing, and maintaining Identity and Access Management solutions using various technologies such as Azure Entra (Azure AD), SailPoint, and ServiceNow.The...


  • Bogotá, Bogotá D.E., Colombia J.S. Held Llc A tiempo completo

    About the RoleWe are seeking a highly skilled Senior Identity Management Strategist to join our dynamic IT team at J.S. Held LLC.Job DescriptionThis is an exciting opportunity for a motivated individual with a strong background in Identity and Access Management (IAM) to design, implement, and maintain IAM solutions using various technologies such as Azure...


  • Bogotá, Bogotá D.E., Colombia J.S. Held A tiempo completo

    Unlock New Opportunities with J.S. HeldWe are a global consulting firm that offers a comprehensive suite of services, products, and data to enable clients to navigate complex situations.As a Senior SailPoint Engineer at J.S. Held, you will play a critical role in designing, implementing, and managing Identity and Access Management solutions using Azure Entra...


  • Bogotá, Bogotá D.E., Colombia J.S. Held LLC A tiempo completo

    About J.S. Held LLCEstablished in [country], J.S. Held LLC is a leading provider of expert consulting and technical services. Our team of seasoned professionals delivers high-quality solutions to various industries, ensuring our clients' success.Job SummaryWe are seeking an experienced Senior SailPoint Engineer to join our Cyber Security team. As a key...


  • Bogotá, Cundinamarca, Colombia J.S. Held LLC A tiempo completo

    **Company Description** Are you looking to join an organization that is growing and dynamic? What about a high-energy, collaborative environment that rewards hard work?** J.S. Held is a global consulting firm that combines technical, scientific, financial, and strategic expertise to advise clients seeking to realize value and mitigate risk. Our...


  • Bogotá, Bogotá D.E., Colombia Gsb A tiempo completo

    Job SummaryWe are seeking an experienced Application Security Specialist to join our team at Gsb. As a key member of our security team, you will be responsible for ensuring the security and integrity of our applications.About the RoleThis is a senior-level position that requires a strong background in application security, threat modeling, and secure coding...


  • Bogotá, Bogotá D.E., Colombia Cyber Crime A tiempo completo

    Unlock Your Potential as a Cyber Security ExpertWe are seeking a highly skilled Senior Identity and Access Management (IAM) Engineer to join our dynamic IT team. As a Bilingual Senior IAM Engineer, you will play a crucial role in designing, implementing, and managing Identity and Access Management solutions using various technologies such as Azure Entra...