Job Description

Responsible for effectively planning, designing, implementing and monitoring security technologies and projects that support the firms' underlying security policies and procedures. Design, document and implement appropriate security policies and standards that protect the firms' information assets. Utilize highly technical and physical forensics to ensure that security policies, standards and best practices are followed throughout the technology organization-including where vendors are utilized to provide services.

Engineer will support the ongoing operations tasks/incidents ensuring the platform availability to end users and applications. Additional responsibilities include drive QA team, DevSecOps, create MFA policies in Online Client Security project, platform optimization, logging & auditing enhancements and implementing new solutions within IAM space and along with other automation.

Drive the IAM QA team and function.

About Our Company

The Ameriprise Financial Technology team mission is to create innovative technology solutions and engaging digital experiences for our clients, advisors, and employees. We embrace an inclusive and collaborative culture that allows us to partner across the business and lend our expertise in the areas of corporate computing, network infrastructure and security. We celebrate the unique qualities and reward the contributions of our talented, passionate employees. If you're motivated and want to work for a strong, ethical company that cares about you and your community, take the next step with Ameriprise Technology.

Ameriprise Financial is an equal opportunity employer. We consider all qualified applicants without regard to race, color, religion, sex, national origin, genetic information, age, sexual orientation, citizenship, gender identity, disability, veteran status, marital status, family status or any other basis prohibited by law.

Preferred Qualifications

• Demonstrated experience contributing and collaborating effectively as an informal leader in a high-functioning team.
• Effective organizational, analytical and independent problem solving skills.
• Successful experience coordinating and completing multiple tasks within established and changing deadlines.
• Strong presentation skills with experience addressing and interfacing with executives and technical staff.
• Experience working in the financial services industry or other highly regulated/compliance oriented environments.
• Experience with regulatory compliance issues such as: FFIEC, OFCC, SEC and Federal Reserve plus: SOX, GLBA and PCI.

Responsibilities

• Work in collaboration with the Security product vendors, Antifraud and information security teams to offer support to security tools and technologies
• Plan, develop , implement and Document the Multifactor authentication policies and rules to help in the effective execution of the information security strategy defined
• Conducts risk analysis, identify vulnerabilities on the Online Client Security and execute on security projects that improve detection and response capabilities.
• Troubleshoot and maintain security infrastructure software and hardware.
• Conduct code Security scans and publish reports
• Install software that monitors systems and networks for security breaches and intrusions
• Perform all tests on production and lower environment applications and prepare recovery procedures for all applications and provide upgrade to same.
• Coordinate with IT groups and external vendors and ensure effective application services to ensure reliability of all applications
• Create and monitor all alerts and escalate all issues for all procedures and systems.
• Coordinate with various teams and raise incidents for all issues, analyze root cause and assist in efficient resolution of all production processes.
• Focus on continuous improvement of response capabilities through automation and critical thinking, conducts log analysis and traffic investigations
• Expertise in handling JIRA stories, conduct refinement , retrospective and daily scrum meetings
• Write cloud agnostic test scripts to help validate the security strategy during the migration of IAM platform from on-premises to AWS cloud
• Establish and execute effective change management, incident management and release management processes
• Maintain performance test baselines, Conduct load and endurance tests, analyses/troubleshoot the performance and publish performance testing reports across various attributes
• Validates the logging of information or data into log monitoring tools such as Sumo logic to ensure compliance and effective logging of the application, network, infra structure and website traffic
• Ensure seamless application integration with Single Sign, second factor authentication and monitoring tools
• Driving the QA team in the development of the test scenarios and test execution, test management of overall test schedule, quality assurance resource requirements, testing effort estimation, risk assessment, defect triaging, test data management end-to-end across all the project sub systems, conduct/co-ordinate testing meetings with all the internal and external core teams
• Owning all the quality assurance project deliverables across the entire program subsystems, synchronization and task prioritization for the core teams involved in the quality assurance of the program
• Capture System requirements, identifying Functional and Non-Functional requirements of the system and strategize the testing techniques that are needed for all types of testing
• Creates complex and challenging test scenarios to conduct quality assurance of the application components against the single sign-on, multifactor authentication authorization rules and Privileged Access management policies such that the client's IT network can no longer be compromised by the cybercriminals and the applications are always compliant to regulations
• Design and perform architectural enhancements to the automation framework to tailor them to support the quality assurance of the applications, components/products integrated and develop scripts for UI and Webservice automation and performance testing
• Builds, enhance and maintain the continuous Integration , Continuous delivery/deployment and Continuous testing DevsecOps model for quality assurance end-to-end
• Review the automation code and approve the code merge to code repositories

Required Qualifications

• Bachelors degree in Computer Science, MIS, Technology Forensics, or related technical field; or equivalent work experience.
• 5-7 years of relevant experience required.
• Certifications (Optional): CISSP, CISA, CISM, CRISC, or equivalent security certification.
• 5+ years experience installing, monitoring and maintaining information security solutions - including policy design and implementation.
• 3+ years experience evaluating and designing security solutions for technology projects.
• Demonstrated understanding of security related technologies and practices, including: authentication and authorization systems, endpoint protection, encryption, segmentation strategies, vulnerability management, secure remote access, and fire walls.
• Strong/diverse technical background in enterprise networking, firewall, storage options, server infrastructure, operating systems, database technologies, and desktop operating systems and security.