Principal, Infrastructure Security Engineer (PingDirectory, Cloud, Active Directory)
Location: Jersey City, New Jersey
Type: Full Time
Internal Number: 12752085
Technology Services Group (TSG) is the technology enabler for our firm. Our services provide a strong, resilient, and stable platform to host business processes while enabling innovation.
We are a global team that provides all infrastructure, end user computing and production support services. Our goal is to provide reliable, resilient, next-generation enterprise technology infrastructure and support that enables BNY Mellon employees to deliver client commitments and business solutions around the world.
Our TSG Architecture Infrastructure and Middleware (AIM) team provides high level of automation and self-service across the firm's technology footprint while developing products to deliver world class messaging, cloud, and security components to our firm. Our team's focus is to engineer solutions to improve the technology infrastructure moving from a highly manual current state to a tightly controlled automated state. AIM is comprised of 7 core services - Messaging, Web Authentication, Platform Security, App Engine, Discovery Services, Storefront and Responsibility Management and Entitlements (RME).
We are seeking a Principal, Infrastructure Security Engineer (Active Directory, Cloud) to join our Security Engineering team. We work on authentication, authorization, and data security for web applications, Linux, and Windows systems across our data centers. Our systems secure nearly a quarter of the global economy and we continue to invest in uplifting the technologies that underpin our private cloud and public clouds.
We're building our security services to enable engineering and operational efficiencies in our data centers and public cloud. Our team uses many technologies to enable innovation for our business. It is our goal to build enterprise scale solutions that are cryptographically secure, based on open standards and industry best practices.
Responsible for design, development and operationalization of enterprise scale security services.
Technical hands-on engineering and management of Microsoft Windows Platform, PingDirectory, and directory services.
Writing utility tools to help automate repetitive tasks.
Customizing reports for audit and re-certifications, and integration with firm standard re-certification and review systems.
This person is a subject matter expert in several of the tools/technologies used in the space. Leads the development infrastructure engineering growth strategies and initiatives. Leads initiatives to analyze complex infrastructure problems to be solved with advanced design. Leads the evaluation of the effectiveness of the organization's existing infrastructure technology and tools. Analyzes trends to develop strategy for the implementation of upgrades that will enhance the reliability, Resiliency and efficiency of the IT infrastructure. Provides leadership to execute project plans and performance requirements for all stages/phases through the management of human capital resources. This person is a subject matter expert in at least one of the tools/techologies used in the space. Participates in or leads initiatives to analyze infrastructure problems to be solved with advanced design. Utilizes standard procedures and policies when selecting methods, techniques, and evaluation criteria for obtaining results. Participates in or leads initiatives to analyze infrastructure problems to be solved with advanced design. Utilizes standard procedures and policies when selecting methods, techniques, and evaluation criteria for obtaining results. Manages the processes for ensuring that all systems/applications/software/hardware are compliant with Corporate policy/procedures. Monitors project plans and budgets. Works closely with external vendors, internal partners and busienss teams to provide infrastructure/tool needs. Works with Application Development and Quality Assurance, Testing and Business teams to understand infrastructure needs during the development, testing and production BAU processes. Ensures these needs are taken into account when developing infrastructure. Acts as escalation point for major incidents. Leads strategy to increase automation across the organization. Contributes to the achievement of multiple teams' objectives Bachelor's degree in computer science or a related discipline, or equivalent work experience required; advanced degree preferred 10-12 years of related experience required; experience in the securities or financial services industry is a plus
Bachelor's degree in computer science or a related discipline, or equivalent work experience required; advanced degree preferred 10-12 years of related experience required; experience in the securities or financial services industry is a plus
A track record of successful engineering, deployment, and management of Ping Directory LDAP services.
Has setup forests, configuration, schema, backup, recovery, knows security.
Expertise and deep understanding of LDAP, Kerberos, DNS sub-systems, TCP/IP, WNS, DHCP, Cross-Realm (Windows to Unix)
Ability to troubleshoot and debug issues in a fast-paced environment in a timely manner.
Ability to multi-task and context switch between various products and services.
Ability to analyze system performance and capacity metrics and tune systems.
Strong scripting skills using PowerShell.
Experience with Microsoft AD or other directory services.
Cloud experience is a plus.
Understanding of methods to enforce least privilege and just enough access to platforms and services is a plus.
BNY Mellon is an Equal Employment Opportunity/Affirmative Action Employer. Minorities/Females/Individuals With Disabilities/Protected Veterans.
Our ambition is to build the best global team - one that is representative and inclusive of the diverse talent, clients and communities we work with and serve - and to empower our team to do their best work. We support wellbeing and a balanced life, and offer a range of family-friendly, inclusive employment policies and employee forums.