PKI Analyst

Description

The Department of Homeland Security (DHS) has a continuing requirement for Secure Enterprise Network Systems, Services and Support (SENS3) for the continued operations and maintenance and evolution of the Homeland Secure Data Network (HSDN) and the Classified Local Area Network (C_LAN).

The PKI Analyst position will report directly to the PKI Team Leader. Your technical and engineering expertise will be critical for contributing to the PKI Team for implementing and supporting the program’s Identity & Access Management program architecture, infrastructure, capabilities, components, and standards. Specifically, you will be responsible for contributing to, and in cases leading/supporting/executing, RAO activities, PKI Reporting, Trusted Agent training, CSP reconciliation, Token support, implementation and operations of all program-wide PKI services and creating products capturing valuable information. This position collaborates closely with core services architects, engineers, and service providers to implement the PKI/IAM Program modernization efforts for the program. Willingness to cross-train required. Familiarity with DISA PKI Governance and CSP required.

Primary Responsibilities

• Modern approaches to IT service-oriented architectures and applications. Specifically, substantial experience with implementing services and applications in a hybrid computing environment.
• Provide Information Assurance, Vulnerability Management and Annual Assessment surge support.
• Services based Integration of role-based access control, Active Directory, LDAP, Single Sign-On, End-User provisioning, Department of Defense identity and access governance, and identity data synchronization services with existing applications and systems.
• Leading mentorship exercises for junior level teammates.
• Track smart card token inventory, as well as maintaining and updating tracking systems.
• Provide smart card tokens to TAs for issuance to users.
• Administer TA Training via web-based platforms and in-person instruction.
• Track and maintain TA contact information.
• Provide TAs with technical support via telephone to walkthrough procedures.
• Provide support for certificate management software to include configuration, development of reports, support, and operation.
• Support assessments of the PKI processes and systems.
• Perform data analytics, merging data from multiple sources for weekly and monthly reporting requirements.
• Manage user accounts and user access attributes and permissions.
• Manage user access to applications and data sources.
• Update and maintain documentation, including user and Agent SOPs, and training documents.
• Provide monthly updates to Scorecard reporting of user and token issuance metrics.
• To ensure that essential services are provided program community, the employee will be required to work outside their regular working hours as needed.

Basic Qualifications

• Requires a BS and 4 – 8 years of prior relevant experience or Masters with 2 – 6 years of prior relevant experience. In lieu of a degree, 8 plus years of experience may be considered.
• 4 years of experience in understanding, leading, and implementing engineering efforts against technical IAM architecture designs across six major capability areas:
• Identity Lifecycle Management
• Identity Data Models
• Access Lifecycle Management
• Runtime Enforcement
• Credential Management
• Identity Federation
• Identity Governance and Administration ( IGA) for aggregating application and system data for access certification.
• Identity Lifecycle Management and user provisioning/de-provisioning.
• Single Sign On (SSO) integration and session management for multiple web and cloud applications.
• Identity Federation (SAML) configuration and integration across multiple trusted third parties, applications, and systems.

Preferred Qualifications

• Extensive DISA PKI Audit support experience.
• Ability to work with a dynamic IA team for supporting multiple competing priorities at the same time including project work, production support and monthly governance board meetings.
• Ability to contribute, lead, and collaborate with the Security Services Manager in establishing a growth and training program applicable for TA and RA role.
• Highly comfortable in working closely with security services stakeholders, architects, and engineers for project and program delivery milestones.
• Possess advanced listening skills and advanced team dynamic problem solving, root cause analysis, and resolution.
• Experience working in efficient and effective IAM engineering teams of 2+ individuals in a demanding environment.
• Proven and demonstrable performance in critical thinking and usage of innovative thinking for enhancing engineering team capabilities and providing solutions for new challenges, issues, and requirements.

Pay Range:

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

About Leidos

Leidos is a Fortune 500® technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, civil, and health markets. The company’s 46,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $14.4 billion for the fiscal year ended December 30, 2022.  For more information, visit www.Leidos.com.

Pay and Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.

Securing Your Data

Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at [email protected].

If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.

Commitment to Diversity

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.