Sr Security Engineer/PAM

Posted Date: Jul-13-2020

Job ID: 17788

Job Type: Full Time

Job Function: Information Technology

City: Kent

State: Washington

Store: REI Headquarters is moving to Bellevue’s Spring District, Summer 2020!



Please visit the Covid-19 Hiring Updates before applying


What's cool about this job

As a Senior Security Engineer – Identity and Access Management, you will help design the co-op’s IAM policies, bringing your ideas to the forefront of the overall REI security landscape. You’ll work closely with architects, security engineers, and other technical partners to drive work across the security horizontal foundation, working with the lines of business to ensure a cohesive end to end strategy. You will help implement changes to process and technology, demonstrating leadership in operational information security to manage risk objectively and consistently.


  • Main focus will be managing the CyberArk platforms and the PAM program, but may be asked to help manage Active Directory, Duo MFA, the Saviynt IGA platform, and SAP Security, depending on experience
  • CyberArk PAS administration of Vault and surrounding services and custom solutions, including rollout and support
  • CyberArk integration with other systems like Saviynt Security Manager to enable central pane of identity glass
  • CyberArk EPM rollout to enable eliminating local admin accounts 
  • Active Directory, Duo MFA, Saviynt work could include design, replication, integrity, maintenance and troubleshooting within on-premise, cloud, and hybrid models
  • Demonstrate operational excellence including support, following standard configuration and change management processes and practice
  • Collaborates with team members to successfully evaluate, design, build, and run IAM tools that provide value to the business while keeping it safe
  • Participates in on-call rotations that respond to operational issues
  • Develops metrics to improve programs that demonstrate current IAM risk state, indicators of progress, and business alignment
  • Analyze and help fix Identity Lifecycle Management and other compliance gaps
  • Work in active partnership with project teams providing leadership and security design guidance
  • May act as a liaison to compliance efforts and work alongside technical counterparts to remediate audit and security findings

Bring your passion and expertise

  • 4+ years’ professional experience in design, implementation, and rollout of CyberArk PAS and other technologies
  • 7+ years' security engineering experience at enterprise scale in a distributed computing environment
  • Results focused with a proven track record delivering multiple parallel projects in different phases at the same time
  • Solid understanding of security frameworks such as NIST, ISO and COBIT, and able to engineer to meet framework requirements
  • Expert knowledge of industry best practices and security principles for Identity and Access Management programs
  • Experience with Linux administration
  • Windows domain administrator experience with good understanding of GPOs
  • Web services technology (mainly Rest Services) experience for automation
  • Basic programming/scripting skills
  • Passion to share expertise and knowledge with colleagues

At REI we offer an enviable work environment that Fortune Magazine has recognized on the "100 Best Places to Work" list since the award's inception – 23 years in a row! Sure, we work hard, but it’s balanced with time off to play—a strategy that works for us as we continue to grow and thrive. Want to enjoy a workplace where you can be yourself, be heard and be respected while having a job that challenges you? This is the place.

With more than 160 retail locations (and growing), REI offers unique competitive benefits to its more than 15,000 employees, including healthcare, gear and apparel discounts, free equipment rentals and challenge grants to help employees reach personal outdoor goals, generous retirement plan contributions, public transit subsidy, adoptions assistance, paid sabbaticals, and more.

REI is an Equal Opportunity Employer

NEW YORK CORRECTION LAW
ARTICLE 23-A, Section 753
LICENSURE AND EMPLOYMENT OF PERSONS PREVIOUSLY CONVICTED OF ONE OR MORE CRIMINAL OFFENSES

§753. Factors to be considered concerning a previous criminal conviction; presumption.

1. In making a determination pursuant to section seven hundred fifty-two of this chapter, the public agency or private employer shall consider the following factors:

(a) The public policy of this state, as expressed in this act, to encourage the licensure and employment of persons previously convicted of one or more criminal offenses.

(b) The specific duties and responsibilities necessarily related to the license or employment sought or held by the person.

(c) The bearing, if any, the criminal offense or offenses for which the person was previously convicted will have on his fitness or ability to perform one or more such duties or responsibilities.

(d) The time which has elapsed since the occurrence of the criminal offense or offenses.

(e) The age of the person at the time of occurrence of the criminal offense or offenses.

(f) The seriousness of the offense or offenses.

(g) Any information produced by the person, or produced on his behalf, in regard to his rehabilitation and good conduct.

(h) The legitimate interest of the public agency or private employer in protecting property, and the safety and welfare of specific individuals or the general public.

2. In making a determination pursuant to section seven hundred fifty-two of this chapter, the public agency or private employer shall also give consideration to a certificate of relief from disabilities or a certificate of good conduct issued to the applicant, which certificate shall create a presumption of rehabilitation in regard to the offense or offenses specified therein.