IT - Security Engineer II

Cincinnati Financial

Fairfield, OH

Not Specified years

Posted 243 days ago

This job is no longer available.



The Cincinnati Insurance Companies are currently seeking a security engineer to design, implement and test scalable and secure LDAP-Identity and Access Management security infrastructure.



  • engineer IAM directory solutions for applications and evaluate LDAP-related technologies
  • develop IAM technology standards and directory synchronization processes
  • support single sign-on authentication for our Intranet and Extranet web portals and applications
  • produce IAM schema designs and operational plans for populating, maintaining, operating, deploying and enhancing various forms of enterprise level directories
  • understand and refine the role-based security framework used for authentication and single sign-on
  • demonstrate proficiency with common aspects of directory design (namespace, schema, security, topology) and be versed in schema extension, migration and merging strategies
  • participate in the planning and development of a security API, which leverages a role-based security framework for use with our web-based applications
  • review audit logs, directory usage, server performance and directory performance on a regular basis
  • develop new or update scripts (using Perl) to support directory infrastructure
  • partner with the architecture and information security teams to identify the long-term role of directory services across the company
  • participate in the development and deployment of interfaces between the directory, source and target systems and directory-enabled applications; use heavy influence over the design of these systems and resolve conflicting goals of divergent groups






  • designing, installing and upgrading LDAP or X.500 directories and debugging directory-related issues
  • integrating directory with third-party and custom applications and troubleshooting relevant integration issues
  • custom schema creation and management
  • modeling data and creating high-level and system-level design documents for integrating with directory-enabled applications
  • deploying corporate role-based directory/security models within the framework of a highly complex organization model
  • information security technologies and industry best practices
  • using object-level design practices (Java or .NET preferred)
  • using scripting languages to create custom usage/audit reports and data migration between directories or identity management applications (TIM/TAM)
  • automating user account and creating group membership
  • working with other application groups and presenting system design documents
  • single sign-on concepts and applications (TAM), J2EE 1.2 and up, Microsoft SQL Server and/or IBM DB2 and application server (IBM WebSphere preferred)
  • installing/upgrading Access Management and Identity Management applications
  • creating/debugging directory-enabled applications using JNDI, LDAP C SDK, ADSI

Desired skills and experience:

  • working knowledge of LDAP directory servers (e.g. Microsoft Active Directory, Red Hat Directory, CA Directory, Tivoli Directory Server)
  • working knowledge of a high-level language such as Java or C#
  • working knowledge of scripting languages such as JavaScript or Perl
  • experience with an Identity and Access Management product suite (e.g. Ping, IBM, Okta)
  • experience with reverse proxy servers, and/or load balancers (BIG-IP, NetScaler, Apache)
  • proficient in working with commercial off-the-shelf federation and SSO products (e.g. ADFS, CA, TFIM)
  • proficient in federation concepts like SAML, OAuth
  • working knowledge of UNIX
  • proficient in service-oriented architecture concepts
  • experience integrating applications with Access Management applications (e.g. Oracle Access Manager, Tivoli Access Manager)
  • experience in working with API gateways