Information Security Engineer Privileged Access Management

Company Description

Eurofins Scientific is an international life sciences company which provides a unique range of analytical testing services to clients across multiple industries. The Group believes it is the world leader in food, environment and pharmaceutical products testing and in agroscience CRO services. It is also one of the global independent market leaders in certain testing and laboratory services for genomics, discovery pharmacology, forensics, advanced material sciences and for supporting clinical studies. In addition, Eurofins is one of the key emerging players in specialty clinical diagnostic testing in Europe and the USA.

Group's key figures are approx. 4.56 billion Euros turnover, over 900 laboratories across 50 countries and about 58,000 staff.

Job Description

How can you contribute?

In this role, you will be responsible for supporting the Privileged Access Management (PAM) services while adhering to Eurofins standards and best practices for the entire environment (On-Prem and Cloud).

It is essential for you to be able to take up challenges, adapt to the business needs, and staying focused on delivering results, as well as act as a strong technical leader. Therefore, you will be expected to provide out of business support hours from time to time, and on short notice, as and when required (e.g., troubleshooting and resolving production issues, or carry out essential maintenance activities).

You will work closely with business and IT stakeholders to develop and perform stronger governance of PAM & IAM processes, engage in risk-based security assessments, and assist in remediation efforts.

Other responsibilities will include:

·         Responsible for creating, maintaining, and monitoring the policies on PAM solutions

·         Ability to document and define PAM target state processes and gather business requirements

·         Support security-related assessments and configurations for PAM platforms and provide a recommendation of the best practices for implementation

·         Develop and report risk metrics (KPIs/KRIs) as well periodic scorecards consumed by management for the PAM program

·         Keep pace with emerging IAM and PAM technology, cyber threats, and industry trends around cybersecurity

·         Establishes and refines procedures and other business processes to detect errors and inconsistencies in privileges

·         Support detailed reporting and root cause analysis with various internal technology teams

·         Build relationships and serve as a liaison between system/application owners and the internal technology team for governance and security-specific initiatives

Qualifications

Are you our kind of extraordinary?

You will have a University degree in a Computer Science or relevant field, ideally with CISSP, CCSK/CCSP or CISM Certifications and knowledge of BeyondTrust, CyberArk, Observe IT, Arcos or other PAM technologies. It is important to have relevant experience with Design, Build, and operations of PAM solutions and experience integrating PAM solutions with infrastructure and applications.

You must be fluent in the English language, both spoken and written.

Your technical skills must include:

·         Experience and working knowledge of IAM/PAM Standards and common best practices including Authentication, Authorization, role-based access controls and PAM Governance and Administration

·         Strong understanding of Privileged Access Management processes:

o    Privileged access controls

o    Role Base Access Control and/or Attribute and Policy-based Access Control

o    Managed credentials and systems

o    ITSM integration

o    Manage Applications Credentials

o    User Access Policy Management

o    Break Glass procedures

·         Strong Windows Active Directory, UNIX, Linux & SSH key management experience

·         Strong understanding of network hardware configuration and password management options (SSH, ACS, LDAP)

·         Strong understanding of Microsoft SQL Databases

·         Strong understanding of authentication methods and techniques (LDAP/AD, others)

Technical skills in the following will be considered an advantage:

·         Strong knowledge of SAML, Header-Based authentication, SCIM, FIDO, OAuth, Open ID connect and REST concepts

·         Strong understanding of the information security domains

·         Experience with different services, technologies within cloud environments like AWS, Azure, GCP

·         Ability to perform a risk assessment and security threat modelling exercises with technology engineering teams

·         Be excellent in coordination with cross-functional teams and vendors for evaluation/rollout of new technologies

Additional Information

What we offer:

·         Very attractive, multicultural and friendly work environment in fast-growing international company (more than 55 000 employees now)

·         Possibility to grow and make the next step in your professional career and self-development

·         Long-term relationship and competitive salary package and bonus

·         Medical and life insurance, MyBenefit system

·         For this role there is a possibility of working fully remotely