Sr. Security Engineer - Cryptography and Access Management
Toronto - Queen's Quay - Headquarters
Applications have closed
The Kraft Heinz Company
The Kraft Heinz Company provides high quality, great taste and nutrition for all eating occasions whether at home, in restaurants or on the go.Job Description
The Information Security team is committed to delivering innovative cybersecurity solutions and services to the enterprise. Our global team is growing!!
We are looking for a Sr. Security Engineer to join us, with a focus on supporting our needs and capabilities across Private Key Infrastructure (PKI) and Privileged Access Management (PAM).
This role will lead all aspects of administration, operations and continuous advancement of Kraft Heinz enterprise cryptographic and access management capabilities. You will work closely with the PKI and PAM program owners, IT and Business Partners, and other organizational partners to deliver on required program capabilities, program compliance requirements and program maturity targets.
Key responsibilities:
Perform day to day monitoring, management and maintenance of organization's PKI and PAM platforms, ensuring maximum platform capability, performance and health.
Maintain standards, playbooks and communications for management and maintenance of program capabilities and processes
Maintain technical documentation around architecture, configuration, management maintenance of core platforms, supporting tooling and other applicable technologies.
Lead, supervise and continuously optimize delivery and user experience of certificate lifecycle management processes, including request, approval, issuance, validation and revocation, to ensure continuous alignment with requirements and compliance with standards and processes.
Support the design, build and deployment of enterprise PKI systems and ensure PKI systems align with and enforce industry leading practices and NIST standards.
Manage, supervise and continuously optimize delivery and user experience of privileged account lifecycle management processes, including provisioning, vaulting, rotation, changes, deprovisioning, and access reviews.
Lead cyclical and ad-hoc training and awareness programs around PKI and PAM capabilities and practices.
Collaborate with multi-functional teams to ensure flawless execution of security processes.
Design, plan and implement the integration of platforms with other security systems and applications.
Implement applicable policies, procedures, and standards to internal teams and collaborators.
Successfully communicate with internal engineering and operations teams to design, plan, implement, validate and memorialize changes to platform configuration, integrations and processes.
Partner with internal and external teams and product vendors to lead resolution of issues with certificates and certificate lifecycle, privileged access and access lifecycle, platform, platform integrations, and other issues as they arise.
Monitor, measure and communicate key program capabilities and metrics
Provide support for program audits to ensure alignment of practices to processes, and compliance of processes to requirements
Continuously evaluate and improve the capability of platforms to stay ahead of emerging threats.
Evaluate new tools, technologies and techniques to enhance the efficacy and efficiency of programs and capabilities.
Stay updated with, and communicate to program owners and key partners, changes and advancements to industry trends, standards, and regulatory requirements
Qualifications for this role include:
Advanced experience in cybersecurity, with at least three years of hands-on experience and expertise with encryption and identity and access management
Strong level of understanding of Enterprise PKI platforms and processes, including certificate enrollment protocols, automation, lifecycle, troubleshooting and resolution.
Strong level understanding of Enterprise PAM platforms and processes, including provisioning, vaulting, granular rights management, de-provisioning and verification processes, injection and secure access.
Strong level of understanding of enterprise directory services and group policies.
Strong level of understanding of authentication flows and mechanisms, including strong multi-factor authentication.
Experience with scripting in Python, shell and powershell.
Familiarity with security frameworks and standards (e.g., NIST CSF, ISO 27001).
Strong analytical and problem-solving skills.
Excellent communication and interpersonal skills.
Location(s)
Toronto - Queen's Quay - HeadquartersKraft Heinz is an Equal Opportunity Employer – Underrepresented Ethnic Minority Groups/Women/Veterans/Individuals with Disabilities/Sexual Orientation/Gender Identity and other protected classes. In order to ensure reasonable accommodation for protected individuals, applicants that require accommodation in the job application process may contact NATAI@kraftheinz.com for assistance.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Automation Compliance Cryptography Encryption IAM ISO 27001 Monitoring NIST PKI PowerShell Python Scripting
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Product Security Engineer jobs
- Open Senior Cybersecurity Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cloud Security Architect jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Network Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Security Specialist jobs
- Open Cyber Security Architect jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Information System Security Officer jobs
- Open Security Consultant jobs
- Open Information Systems Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Information Security Architect jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Security Architect jobs
- Open CISA-related jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open Analytics-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open GCP-related jobs
- Open ISO 27001-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open DoD-related jobs
- Open DevOps-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Vulnerability management-related jobs
- Open Security Clearance-related jobs
- Open Kubernetes-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open Malware-related jobs
- Open Security assessment-related jobs
- Open SQL-related jobs
- Open PowerShell-related jobs