Information Security Engineer - Identity Trust

Location US-IA-Des Moines
Job ID
Information Technology
Requires Non-Compete?

Job Summary

Wellmark is looking for an Information Security Engineer to join our Identity and Access Management Team!


In this role, candidates will design, define, and implement processes and tools that are necessary to ensure the stability and performance of Identity & Access Management and security systems. Create and engineer systems or procedures to solve complex problems, controls/ applications, while balancing business needs against potential risks. Provide technical consultation and insight in Identity and Access Management and security systems, working across multiple disciplines such as networks, servers, desktops, applications and databases. Responsible for programming, supporting and maintaining complex Identity Management and security systems which are used to provide security for Wellmark’s most sensitive systems and critical applications.

Minimum Qualifications Required (all must be met to be considered)

  • Bachelor's Degree or direct and applicable work experience
  • 5+ years’ experience working in analysis of server or network controls in any of the following:
    • Strong knowledge in the following areas: Identity and Access Management (IAM), system virtualization, Windows and Linux Security, Cloud Security, Network and Network Security, Active Directory, Java, XML, JSON, Azure, AWS, MySQL, Federation, SSO.
    • Knowledge of compliance and regulatory program requirements, such as HIPAA, ISO 27000, NIST, FISMA, and SOC standards.
    • Experience using IAM tools (i.e. MySQL DB, Coding tools (i.e. Visual Code) SSO solutions, PAM solutions)Strong working knowledge across IT functions (Systems, Network, Databases and/or Application Development).  
  • Strong analytical and problem solving skills.  A certain degree of creativity, innovation and latitude is required (the ability to think outside the box when faced with challenges).
  • High attention to detail while completing tasks and processes. Ability to prioritize to maximize personal efficiency.
  • Ability to troubleshoot and interpret user problems, and discern appropriate solutions. Ability to look across multiple systems, applications and networks to troubleshoot security issues.
  • Strong customer service orientation with effective verbal and written communication skills working with technical and non-technical personnel, with the ability to address all levels of leadership, business, technical, and non-technical staff.

Hiring Specifications Preferred


  • Prior experience with Identity and Access Management and Security Governance
  • 3 years Identify and Access Management (IAM) Experience
  • CyberArk, SailPoint and/or Ping experience
  • General coding/scripting
  • Certified Information Systems Security Professional (CISSP) - (ISC)²
  • Global Information Assurance Certification GIAC Global Information Assurance Certification GIAC
  • Security CompTIA

Job Accountabilities

a. Design, analyze, and manage multiple security and/or access control models in a planned, conscious manner following defined security lifecycle. Measure and report on effectiveness of security controls to Enterprise Information Security EIS leadership, as well as to team members, IT leadership and IT staff. Work with leaders and business owners for recertification of access.

b. Serve as a senior representative of the security control structure ensure key methodologies and concepts are applied and documentation is in place to satisfy corporate, department, and internal and external auditor review.

c. Interpret information security policies, standards, and other requirements as they relate to a specific internal information system, and assist with the implementation of these and other information security requirements. Build policies within the access tracking system.

d. Design and manage security infrastructure including servers, storage array networks SAN, virtual environments, domain services, databases and applications. Provide timely updates, ensure optimal tuning performance, and ensure backups are regularly performed. Ensure routine maintenance on systems, databases, and security applications.

e. Secure EMail System Work with the EMail teams to ensure identified sensitive email is passed encrypted. Ensure secure e mail is highly available and works with multiple external customers, brokers and providers to create new direct connections TLS. Work with technical teams to ensure customer authentication is seamless.

f. Resolve complex security issues such as bypassed controls, disrupting security measures and technology changes provides a continual balance of applied security safeguards and business usability. Build security roles based on and specific criteria and business functions.

g. Offer high tier technical information security consulting services to distributed personnel who are responsible for one or more information security systems these people include Network Administrators, Systems Administrators, Database Administrators and Application Developers.

h. Evaluate information system bug reports, security exploit reports, laws and regulations, and other information security notices issued by information system vendors, government agencies, universities, professional associations, and other organizations, and as needed, makes recommendations to internal management and technical staff to take precautionary steps.

i. Serve as an active member of the Security Emergency Response Team SERT and participate in security incident response efforts. Respond to security incidents, and advise on risk remediation plans provide security reports to Enterprise Information Security management team. Act as a business consultant on information security incident investigations and forensic technical analysis.

j. Design and engineer internal information handling processes so that information is appropriately protected from a wide variety of problems including unauthorized disclosure, unauthorized use, inappropriate modification, premature deletion, and unavailability. Oversee privileged access permissions and ensure access is authorized appropriately. Manage red flags to appropriately alert in case of Segregation of Duty or violation of a dangerous combination of access.

k. Maintain uptodate detailed knowledge of the IT security industry, including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors. Research and recommend new emerging technologies, techniques and tools that will add value to the organization.

l. Ensure documentation in place to satisfy corporate, department, and internal and external auditor review.

m. Other duties as assigned.


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed