Rackspace Technology is a leading provider of expertise and managed services across all the major public and private cloud technologies. We’ve evolved Fanatical Support to encompass the entire customer journey — providing Fanatical Experience™ from first consultation to daily operations. Our passionate experts combine the power of proactive, always-on service and expertise with best-in-class tools and automation to deliver technology when and how our customers need it.
Rackspace has been commissioned by the Kingdom of Saudi Arabia to assure the build of a sovereign multi-tenant private cloud that we have designed.
Job Overview:
We are looking for a skilled and motivated Security Engineer with a good level understanding of critical cybersecurity domains, including Identity and Access Management (IAM), Privileged Access Management (PAM), and Risk and Vulnerability Management. The ideal candidate will possess hands-on experience with PAM solutions, ideally CyberArk; IAM solutions, ideally PingID/ForgeRock; and vulnerability and risk management solutions, ideally Qualys. Equivalent experience with other vendors is acceptable.
This role requires a good understanding of cybersecurity principles and operational support experience, particularly within a private cloud platform utilizing VMware and OpenStack. The engineer will provide operational support to assure the availability and the security compliance of the solutions, while also supporting the cloud level integration of these solutions in the context of providing these services to all cloud tenants.
You will collaborate closely with Architects and Software Developers to assure seamless integrations of your managed solutions with the cloud platform.
\n- Identity and Access Management (IAM):
- Implement and manage IAM solutions, with a preference for PingID / ForgeRock.
- Ensure proper authentication and authorization mechanisms are integrated with the private cloud infrastructure.
- Monitor and manage user access controls and permissions within the context of both VMware and OpenStack environments.
- Privileged Access Management (PAM):
- Administer and monitor privileged accounts using PAM solutions, ideally CyberArk.
- Implement least privilege policies and manage privileged access requests.
- Ensure compliance with PAM policies and procedures, supporting both the infrastructure and cloud tenant services.
- Risk and Vulnerability Management:
- Conduct regular vulnerability assessments using tools like Qualys focus on infrastructure components such as compute, storage, networking devices and web applications.
- Analyze and prioritize risks and vulnerabilities within the private cloud platform.
- Implement remediation strategies to mitigate identified vulnerabilities, ensuring continuous service availability for cloud tenants.
- Integration and Operational Support:
- Provide operational support for security systems and tools within the private cloud infrastructure.
- Ensure seamless integration of security solutions with cloud components to maintain uninterrupted cloud functionalities.
- Participate in the security incident response process, focusing on both infrastructure and tenant service levels.
- Develop and maintain comprehensive security documentation and procedures.
- Participate in the enhancement of the solution by attending regular meetings with the security team.
- Responsible for the availability and functionality of the security solutions while being the primary escalation point for the client requests.
- Application Security Testing Methodologies:
- Mid-level knowledge of security principles such as confidentiality, integrity and availability.
- Understand the principles of application security testing.
- Assist with the implementation of security testing tools and processes within the cloud infrastructure.
- Experience with IAM, PAM and Vulnerability Management tools.
- Familiar with zero-trust, need-to-know, RBAC, least-privileges cybersecurity principles.
- Familiar with cyber security frameworks such as ISO27001, NIST
- Familiar with web applications communications and data flow requirements such as API communications as all the solutions will use API functionality for Cloud services integrations.
- Familiar with Infrastructure as Code principles and automation principles. You are not required to write code, but to be familiar with it.
- Familiar with PAM principles such as multi-tenancy, session recording, session management, audit.
- Good knowledge of Identity and Access solutions.
- Bachelor’s degree in computer science, Information Security, or a related field, or equivalent experience.
- 3-5 years of experience in cybersecurity roles.
- Hands-on experience with PAM tools, ideally CyberArk.
- Hands-on experience with IAM tools, ideally PingID/ForgeRock.
- Hands-on experience with vulnerability and risk management tools, ideally Qualys.
- Knowledge of network security concepts such as isolation and segmentation.
- Familiarity with risk assessment and vulnerability management practices.
- Strong analytical and problem-solving skills.
- Excellent communication and teamwork abilities.
- Certified Information Systems Security Professional (CISSP)
- Certified Ethical Hacker (CEH)
- CompTIA Security+
- GIAC Security Essentials (GSEC)
#LI-LP2