Principal Cybersecurity Engineer (Identity and Access Management)

Be part of a team that values safety, diversity, and excellence

We are one of the largest U.S. railroads transporting the nation’s freight across 28 western states and 3 Canadian provinces. As a member of our team, you will play a role in supporting the movement of essential products and materials that help feed, clothe, supply, and power communities throughout America and the world.  

We are committed to a culture where all employees are included, belong, and have equal opportunity to achieve their full potential. Come make a difference with us!

Learn more about BNSF and our Benefits

Job Location: Fort Worth
Other Potential Locations: Fort Worth, TX 
Anticipated Start Date: 03/16/2025
Number of Positions: 1 
Salary Range: $97,100 - $124,000

Apply early as this job may be removed or filled prior to the closing date, which is approximately seven (7) days after the posting date.

The BNSF Railway Technology Services department drives innovation and efficiency by developing and maintaining advanced technological solutions across the network. This team ensures a robust IT infrastructure, supports critical applications, and enhances cybersecurity measures. Their expertise is essential in optimizing operations and enabling BNSF to deliver reliable, cutting-edge transportation services.

This is a full-time position located in Fort Worth, TX.   For certain positions, including this one, employees can work one day per week remotely.  Our leaders also foster a culture where work life balance, which requires flexibility for when life happens, is important and respected.

Travel is minimal (less than 5%).

Key responsibilities may include: 

Managing development, deployment and support of Security Identity Management solutions as directed by management and senior team members.

Leading troubleshooting and triaging issues, monitoring system health, deploying enhancements, hot fixes, and fix packs, performing configuration changes in multiple environments, and coordinating with key stakeholders from IT operations, business teams, and third-party vendors.

Assist with user identity administration and maintenance of user security roles and profiles.

Provide technical guidance and possesses the ability to compose, articulate and present complex technical issues to peers, management, and customers to gain consensus and recommend and/or act to complete complex deployments.

Daily work is conducted in an indoor office environment.

Relocation assistance may be available based on business need.

The duties and responsibilities in this posting are representative categories to be used in deciding whether to apply for this position. This is not an exhaustive list of the position’s duties.   

At BNSF Railway, we encourage individuals from all backgrounds to apply, showcasing their skills, experiences and development. We provide resources and tools to help you reach your full potential, fostering a supportive and inclusive environment.

Basic Qualifications: 

• Authorized to work in the US without Company sponsorship now AND in the future.
• Minimum of 10 years’ work experience in a Cyber Security and/or Information Technology environment and have or am able to obtain government security clearance.
• Bachelor’s degree with a preference in Engineering, Computer Science and/or equivalent formal training or work experience.
• Minimum of 10 years design, hands on development and support experience with current market leading Identity Management platforms which includes hands on experience with Workflows, Rules, Connectors, Security Policies, Aggregation Jobs, Roles, Certification Campaigns and Application Integration.
• Minimum of 2 years of experience with cloud provider services (AWS or Azure).

Preferred Qualifications:

• Experience working in DevOps environment, automation first mindset, ability to leverage coding/scripting skills and working experience with APIs. Should have ability to build test scripts for performing regression testing, preferably using RPA.
• Exposure to all and expert knowledge in three or more of the following technologies: Automated Provisioning, Directory Services, Application On-Boarding, Password Management, Re-certifications, Access Requests, Access Review, Delegation, Dynamic Organizations, Role based Security & Access Control, Customer Identity Management.
• Should have the ability to build test scripts for performing regression testing, preferably using RPA.
• Fluency in more than one technology stack and expertise in several of the following: C, C++, Java, J2EE, JSP, Servlet, EJB, Application (Client/Server), LDAP, RMI, WAS, Web Services, WS-Security, HTML, XML, XSLT, SOAP, MQ Series, LDAP / Active Directory
• Knowledgeable in the following areas:
  • Identity as a Service
  • Mutual Auth for Service -Service
  • PIM methodologies REST and REST Security
  • Experience with DB2, SQL Server, Oracle, or another enterprise-class RDBMS
  • Operating Systems like Windows, AIX, and Linux.
  • SOX audit controls and applicability to IAM services architecture, design, and processes
  • Java Application Interface Development and Object Models
  • Enterprise Service Bus (ESB) technologies / JMS Advanced systems design
  • IAM Certifications are a plus

At BNSF, you will have access to a comprehensive and competitive benefits package including:

• An industry-leading 401(k) and renowned Railroad Retirement program.
• A range of robust health care options for you and your dependents (including domestic partners), including medical, dental, vision, telemedicine, mental health, cancer support, and high-quality care network options.
• Health care spending accounts (HSA) with employer contributions, as well as life and disability insurance, provided at no cost.
• Family benefits including parental, pediatric and family building support, adoption and surrogacy reimbursement, and dependent care spending account (with employer match).
• Access to discounts on travel, gym memberships, counseling services and wellness support.
• Annual bonus (Incentive Compensation Program)
• Generous leave / time off policies.
• For more information, visit Benefits.

All positions require pre-employment background verification, medical review and pre-employment drug screen. You can find more information by reviewing the Hiring Process.  Federal authority requires BNSF employees, whose work requires unescorted access to secure areas of port facilities, to obtain a TWIC.  More information is available at https://www.tsa.gov/for-industry/twic

BNSF Railway is an Equal Opportunity Employer, all qualified applicants receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.

SF: Internal Posting Only; MO | [[mfield5]] | Technology Services | Fort Worth, TX | 76131