Architect, Information Security, IAM

Innovation starts from the heart. At Edwards Lifesciences, we're dedicated to developing ground-breaking technologies with a genuine impact on patients' lives. At the core of this commitment is our investment in cutting-edge information technology. This supports our innovation and collaboration on a global scale, enabling our diverse teams to optimize both efficiency and success. As part of our IT team, your expertise and commitment will help facilitate our patient-focused mission by developing and enhancing technological solutions.

As the Edwards Architect for Information Security, you will contribute with the security design, implementation, operation and maintenance of Identity and Access Management service and related technologies. Ideal candidates possess both broad and deep technical knowledge in Information Security and IAM practice. This is highly collaborative role, and you will work in close collaboration with multiple cross-functional teams.

How you will make an impact :

Providing design and architecture guidance for enterprise-level security initiatives, system integration, and tools within the Identity and Access Management (IAM) domain.

Serving as the technical lead for enterprise-class IAM security initiatives.

Developing security design patterns and architectural models that ensure repeatable, consistent architecture for IAM capabilities and related technologies.

Establishing information security best practices and architectural models to ensure compliance with enterprise-wide security policies and standards in the IAM space.

Acting as a business liaison and lead advisor to multiple business units.

Leading operations and maintenance of key cybersecurity capabilities and services across multiple technologies.

Staying informed on the evolving cybersecurity threat landscape to drive innovative solutions that enhance Edwards' security posture.

Resolving issues and incidents through highly complex root cause analysis, followed by the development and implementation of strategic solutions.

Translating complex security concepts into business-friendly language to facilitate stakeholder understanding and alignment.

Performing other duties as assigned by management.

What you'll need (Required) :

Bachelor's Degree in related field.

6 years of previous related experience in Information Security and / or IAM domain with solid performance in an architect role working with cross-functional teams.

Expert of security concepts for identity and access management.

What else we look for (Preferred) :

Experience in designing and implementing secure Active Directory and Entra ID solutions.

Knowledge of Active Directory authentication features (Kerberos, NTLM, LDAP).

Experience with Active Directory security best practices (e.g. Privileged Access Management, credential theft mitigations, tiering model design).

Knowledge of common attack vectors and methods such as pass the hash, pass the ticket, ransomware, kerberoasting.

Experience of Active Directory capabilities (FSMO roles, schema management, trusts, replication, and Group Policy), Active Directory troubleshooting experience (AD replication, service health checks, advanced troubleshooting).

Working knowledge of IAM services of any public cloud providers (Azure, AWS, GCP), is a plus.

Understand modern IAM solutions (e.g. MFA, Authentication strengths, conditional access policies, PIM, External Identity, Entra ID Application Proxy, SSO, Application integrations)

Understanding of identity providers using SAML, OAuth, or OpenID Connect.

Experience in IAM engineering, building and maintaining security controls.

Experience implementing industry good practices (e.g., NIST, ISO2700x, SANS) preferred.

Experience and / or understanding of at least 3 cyber security domains (e.g., platform security, application security, network security, infrastructure, cloud security, data security and identity and access management).

Working knowledge with threat modeling (STRIDE), preferred.

Certifications in related discipline (e.g., CEH, CISM, CISSP), preferred.

Proficient analytical and problem-solving abilities to identify and mitigate potential identity security risks.

Substantial knowledge and understanding of cybersecurity principles

Experience drafting technical documentation.

Excellent verbal and written communication skills and customer focused skills

Ability to interact professionally with all organizational levels and proactively escalate issues to appropriate levels of management in the organization

Ability to manage competing priorities in a fast-paced environment

Strict attention to detail.

Good organization and time management skills

Ability to partner and facilitate security operations, incident response and forensic analysis when required.

Adhere to all company rules and requirements (e.g., pandemic protocols, Environmental Health & Safety rules) and take adequate control measures in preventing injuries to themselves and others as well as to the protection of environment and prevention of pollution under their span of influence / control.

Aligning our overall business objectives with performance, we offer competitive salaries, performance-based incentives, and a wide variety of benefits programs to address the diverse individual needs of our employees and their families.

For California (CA), the base pay range for this position is $123,000 to $174,000 (highly experienced).

The pay for the successful candidate will depend on various factors (e.g., qualifications, education, prior experience). Applications will be accepted while this position is posted on our Careers website.

Edwards is an Equal Opportunity / Affirmative Action employer including protected Veterans and individuals with disabilities.

COVID Vaccination Requirement

Edwards is committed to protecting our vulnerable patients and the healthcare providers who are treating them. As such, all patient-facing and in-hospital positions require COVID-19 vaccination. If hired into a covered role, as a condition of employment, you will be required to submit proof that you have been vaccinated for COVID-19, unless you request and are granted a medical or religious accommodation for exemption from the vaccination requirement. This vaccination requirement does not apply in locations where it is prohibited by law to impose vaccination.