Job Description
We are looking for a Senior Security Engineer to lead projects to secure our Linux-based machines. Working on a hybrid basis in our Galway office, or we can consider remote candidates already based in Ireland, you will manage the architecture, design, and implementation of Unphishable/Passwordless authentication and authorization for Linux machines, ensuring compliance with industry security standards such as CIS. You will also design and upgrade EA's enterprise PKI infrastructure using the latest security standards. You will design and implement security solutions to protect EA's enterprise virtualization platforms You will collaborate with enterprise security, application teams, and EAIT to lead the delivery of security solutions and projects. You will report to the Director of the Enterprise Security Engineering Core & Admin team.
Responsibilities
• Lead the development of a secure Passwordless/Unphishable authentication experience on Linux machines.
• Eliminate use of local usernames, passwords, and unsecured key-based authentication from Linux machines.
• Implement granular role-based access controls on Linux machines to improve security.
• Lead the EA's Technical Security Standards track based on CIS benchmarks for enterprise Linux systems, & network devices.
• Develop security architecture, and conduct regular security assessments for VMware environments.
• Work with the Enterprise Security Cloud architecture team to implement Linux-specific security controls within our Cloud Service Providers (CSPs).
• Design and implement PKI solutions to support secure communications, authentication, and encryption for EA's enterprise applications.
• Ensure EA's enterprise PKI systems comply with industry standards, regulatory requirements, and internal security policies.
• Stay up-to-date with the latest security trends, threats, and technologies, and recommend improvements to existing security measures.
• Perform application security reviews and threat modeling on mission-critical systems, & enterprise applications to find and address potential security risks.
• Help with the investigation and resolution of security incidents and breaches.
• Create comprehensive documentation for security architectures, procedures & best practices.
Qualifications
• 10+ years of experience in a security engineering role, with a focus on securing Linux-based systems, and enterprise PKI.
• Knowledge of Linux operating systems, including security features and best practices.
• Experience with cryptographic principles and algorithms.
• Experience with PKI technologies (e.g., CA, RA, OCSP, CRL, and HSM).
• Proficiency in securing virtualization platforms, such as VMware.
• Experience building centralized IAM for Linux using products such as RedHat IDM
• Knowledge of authentication standards/protocols (NTLM, Kerberos, LDAP, SAML, FIDO2/WebAuthN, OIDC, OAuth2.0).
• Experience with CIS benchmarks and their implementation.
• Technical skills in areas such as network security, cryptography, identity management, threat modeling, application security, and risk management.
• Experience with network protocols, encryption techniques, and security frameworks such as NIST and ISO/IEC 27001.
• Relevant certifications such as CISSP, CISM, CCSP, RedHat or similar
• Experience with enhanced Security Admin Environment (ESAE) architecture
• Experience with infrastructure as code (IaC) and automation tools (Terraform, Ansible)
• Proficiency in scripting and automation (e.g., Bash, Python)
• Collaborate with teams to lead the project work.
#LI-Remote, #LI-Hybrid
#FlexibleWork
Jobcode: Reference SBJ-rvx95m-44-192-26-226-42 in your application.