What Working at Hexaware offers:
Hexaware is a dynamic and innovative IT organization committed to delivering cutting-edge solutions to our clients worldwide. We pride ourselves on fostering a collaborative and inclusive work environment where every team member is valued and empowered to succeed.
Hexaware provides access to a vast array of tools that enhance, revolutionize, and advance professional profile. We complete the circle with excellent growth opportunities, chances to collaborate with highly visible customers, chances to work alongside bright brains, and the perfect work-life balance.
With an ever-expanding portfolio of capabilities, we delve deep into and identify the source of our motivation. Although technology is at the core of our solutions, it is still the people and their passion that fuel Hexaware’s commitment towards creating smiles.
“At Hexaware we encourage to challenge oneself to achieve full potential and propel growth. We trust and empower to disrupt the status quo and innovate for a better future. We encourage an open and inspiring culture that fosters learning and brings talented, passionate, and caring people together.”
We are always interested in, and want to support, the professional and personal you. We offer a wide array of programs to help expand skills and supercharge careers. We help discover passion—the driving force that makes one smile and innovate, create, and make a difference every day.
The Hexaware Advantage: Your Workplace Benefits
- Excellent Health benefits with low-cost employee premium.
- Wide range of voluntary benefits such as Legal, Identity theft and Critical Care Coverage
- Unlimited training and upskilling opportunities through Udemy and Hexavarsity.
Role - IAM Consultant
Location - Chicago, IL (Hybrid 3 days office, No remote)
Job Type - Fulltime/Contract
Primary skill:
Identity, Authentication and Authorization Architect (IAA) – Cyber security
Authentication & Access mgmt. with Industry frameworks like NIST CSF, COBIT, SOC, GDPR
Azure AD with OAuth, OIDC, SAML, SSO, MFA, Conditional access policies, MFA, Kerberos, LDAP
Secondary skill:
Cloud security – Good to have.
CISSP/CSSP - Preferred
JD:
- Fifteen years of experience in the Information Security role. Seven years of experience as an IAM Architect
- Deep knowledge of application or infrastructure systems architecture, usually having experience with multiple system technologies.
- Excellent consultative and communication skills, and the ability to work effectively with client, partner, and IT management and staff.
- CISSP, CSSP, or Cloud security certification preferred.
- Strong collaboration skills and an analytical ability
- Certifications on Azure, AWS security will be preferred.
- Design Identity centric Workforce Security solutions to ensure secure and efficient authentication and access management aligned with the industry frameworks and standards (NIST CSF, COBIT, SOC, GDPR etc.)
- Guides the architectural development of identity solutions, access patterns, modern security protocols, practicing Zero trust, least privileged, defense in depth principles.
- Review and provide feedback on Identity, Authentication and Access management related security solutions proposed by stakeholders and can provide consultation to the partners and IT Management
- Acts as cybersecurity expert to participate in solutions from IAA perspective spanning end user computing, proxy solutions, MFA, SSO, conditional accesses, device based authentication, VPN solutions, Desktop virtualization solutions, Password less, YubiKey, bio-metric solutions, identity and governance scenarios, network segmentations, Secrets Management, Certificates Management, Automation, role based access control, Privileged identity management, end user computing, Just in time accesses, data protection solutions etc.
- Thoroughly understands and provides solutions considering Security technology choices, such as design, protocols support, secrets management, data security, client server communication, token handling, Session management, credential vaulting, OIDC/ OAuth flows, authorization patterns, identity federation, cloud architectures, cryptography, cloud native services, cloud security etc.
- Good understanding of Cloud Infrastructure Entitlement Management solution (CIEM) to ensure continuous improvement in Security Posture by providing consultations to application teams.
- Design target architectures and roadmaps considering IAM security control frameworks and audit requirements.
- Awareness of Cyber Security Risk management principles and frameworks, supply chain risk and third-party risk assessment controls
- Understanding and application of threat modeling concepts and methodologies
- Displays a balanced, cross-functional perspective under information security, liaising with other towers and business to help improve Security centric designs.
- In-depth knowledge and experience on Entrap ID, EPM, Sentinel, Azure, M365, AWS Security
- Knowledge on Okta, PingFederate, Entitlement management solutions
- In-depth knowledge of various cybersecurity frameworks, standards, and identity governance and administration
- Strong knowledge on Identities management on Azure AD with OAuth, OIDC, SAML, SSO, MFA, Conditional access policies, MFA, Kerberos, LDAP, Identity Federations etc.
- Experience in providing security solutions for Java based Micro services, React based frontends and Android/iOS based mobile applications on the Azure.
- Hands-of experience in JWT, session handling, Code signing, Certificate authentication, TLS/SSL, API Security, Application registration, application integration scenarios etc.
- Exposure to API Management, Firewalls, DLP, VPNs, DNS, Azure Defender, MCAS, Sentinel, WAFs, Application Gateways, NSGs, App Proxy, Radius clusters, CDN etc.
- Deeper understanding of Applications security, OWASP standards, security best practices, browser compatibilities/storages/cookies
- Deeper understanding on Cloud Security areas such as Policies, RBAC, activities, identities, privileged access management etc.
- Authentication/Authorization/Auditing/Accounting frameworks and hands-on experience, Privilege Identity/access management on the cloud
- Ability to support operations in troubleshooting complex identity scenarios with hands-on experience on Sentinel/KQL/Audit logs etc.
- Understanding of IaC, CI/CD pipeline, automation, and vulnerability scanning tools, Terraform, PowerShell, bash script, Azure CLI
Very good understanding of concepts related to docker Security, container orchestration/Kubernetes, mTLS, Dapper, Service Mesh and security scenarios