Senior Security Engineer

The IAM Directory Services team is responsible for the deployment, support, and continuous improvement of the firm's centralized identity infrastructure. This includes Active Directory (AD), Azure Active Directory (AAD), Mainframe ACF2, and Virtual Directory Services (VDS). Our mission is to ensure secure, scalable, and resilient identity services that support business agility and regulatory compliance., * Collaborate with security teams to address vulnerabilities in Windows Server 2022, Linux, Azure AD, LDAP, and OUD environments.

• Contribute to the development of secure configurations and hardening standards.

Directory Services Engineering & Support

• Provide operational support and lifecycle management for Active Directory, LDAP, Azure Active Directory, REST APIs, and Virtual Directory Services.
• Ensure high availability and performance of identity platforms through proactive monitoring and incident response.
• Participate in on-call rotations and provide Tier 3 escalation support.

Development & Automation

• Design, develop, and maintain scripts and tools (primarily in Java) to automate identity workflows, improve efficiency, and integrate systems.
• Assist in defining technical requirements and implementing enhancements to IAM platforms.
• Proficiency in Java and scripting for automation and integration.
• C# a plus
• AD Explorer and Visual Studios

Project Delivery & Documentation

• Lead or contribute to moderately complex IAM projects, ensuring alignment with business and security objectives.
• Produce and maintain technical documentation, including architecture diagrams, support runbooks, and troubleshooting guides.
• Participate in code reviews and quality assurance processes.

Stakeholder Engagement

• Collaborate with cross-functional teams to understand business needs and translate them into secure, scalable identity solutions.
• Build strong relationships with internal stakeholders to promote IAM best practices and drive adoption.

• Bachelor's degree or equivalent work experience in Information Systems or related disciplines. Security certifications are a plus but not required.
• Minimum of 5 years Information Systems Security experience, or 7 years of
• Information Technology system administration and/or networking.
• Research, design, implement, and maintain strategic security infrastructure.
• Measure business requirements against impacts and vulnerabilities to identify the resulting security risks.
• Create and maintain technical system documentation.
• Provide security input into technical efforts such as system, network, application and database design.
• Subject matter expert in technical security design & controls that mitigate risk.
• Advanced knowledge and understanding of security systems, risks, concepts and terminology.
• In depth experience with the security aspects of critical technologies (e.g., Active Directory, Linux, UNIX, MVS, Windows, Web, LDAP, DBMS, Network, Firewalls, IDS/IPS,
• Strong understanding of identity-related vulnerabilities and secure configuration practices.
• Authentication, Authorization, DNS, Vulnerability Assessment Tools).
• Familiarity with IAM frameworks, Zero Trust principles, and regulatory compliance standards (e.g., NIST, ISO 27001).
• Ability to lead or facilitate complex security efforts (e.g., vulnerability assessment,
• technical request for proposals, coordinate new technology integration, system
• design and implementation).
• Comprehensive understanding of project management and system development Lifecycle methodologies is preferred.
• Ability to diagnose complex security, network, and system issues. .
• Comprehension of basic scripting languages (e.g., shell, PERL, Visual Basic, PHP, Expect).

AD&D insurance, 401(k), Health insurance, Vision insurance, Health savings account, Dental insurance, Flexible spending account, Employee assistance program, Current INTERNAL home-based associates: While this role is posted as hybrid, if selected and accepted, you may retain your home-based status. Edward Jones intends in good faith to continue offering the role as home-based, though future business or regulatory needs may require on-site work.