As a Senior Identity & Access Management (IAM) engineer, you will report directly to the Security Services Manager. Your senior technical and engineering expertise will be critical in contributing to a PKI team that implements and supports the program's Identity & Access Management architecture, infrastructure, capabilities, components and standards. Specifically, you will be responsible for contributing to, and in some cases leading, engineering activities for PKI, Enterprise SHA-1 to SHA-2 testing and implementation, PKI Reporting, PKI/IAM service development, service integration, and the implementation and operation of all program-wide PKI services. This position collaborates closely with core services architects, engineers, and service providers to implement the PKI/IAM Program modernization efforts for the program. Familiarity with DISA PKI Governance and CSP required. Our ideal candidate will be an emerging technical leader who is highly knowledgeable, with a demonstrable history with the following:
- Modern approaches to IT service-oriented architectures and applications. Specifically, substantial experience with implementing services and applications in a hybrid computing environment.
- Services-based integration of role-based access control, Active Directory, LDAP, Single Sign-On, End-User provisioning, Department of Defense identity and access governance, and identity data synchronization services with existing applications and systems.
- API Gateways, Enterprise Directories, Enterprise Databases, SSO and Access Management systems, and identity federation protocols.
- SQL scripting in a large database environment.
- Programming languages such as C, C++, Go, and Java - desired.
- Leading mentorship exercises for junior-level IAM engineers.
- To ensure that essential services are provided to the program community, the employee will be required to work outside their regular working hours as needed.
Qualifications: Overall Identity and Access Management Qualifications
- BS in computer science or related discipline with 12 years of experience; or an Associate's degree with 16+ years of experience. Equivalent work experience may be substituted in lieu of a degree.
- Significant experience in understanding, leading, and implementing engineering efforts against technical IAM architecture designs across six major capability areas:
  - Identity Lifecycle Management
  - Identity Data Models
  - Access Lifecycle Management
  - Runtime Enforcement
  - Credential Management
  - Identity Federation
* Extensive history of leading engineering contributions to enterprise IAM deployments in a senior or equivalent engineering role. Significant deployment experience must include a minimum of four of the following IAM solutions:
  - Identity Governance and Administration (IGA) for aggregating application and system data for access certification.
  - Identity Lifecycle Management and user provisioning/de-provisioning.
  - Single Sign-On (SSO) integration and session management for multiple web and cloud applications.
  - Identity Federation (SAML) configuration and integration across multiple trusted third parties, applications, and systems.
  - Directory (LDAP) service implementation and integration for identity data consumption by applications and systems.
  - Multi-Factor Authentication (MFA), such as Duo Security, integration into the authentication, authorization, and single sign-on process for applications and systems.
  - API security and API integration with IAM systems for sharing identity contexts.
* Extensive and deep knowledge of identity and access data correlation, normalization, and building of cohesive identity and access data models for large enterprises.
- Significant and demonstrable history with complex Identity and Access Management integration and service delivery use cases and requirements.
- Has experience working with software development disciplines (i.e. DevOps), including previous hands-on development experience with a programming language such as C, C++, or Java.
- Excellent and demonstrable experience with relational database management systems (i.e. Oracle, SQL Server) including significant experience with writing SQL extracts, development of custom views and stored procedures.
- Expert knowledge in IT, service-oriented architectures, software development life cycles, or information security platforms and applications.
- Ability to work with a dynamic IA team for supporting multiple competing priorities at the same time including project work, production support and monthly governance board meetings.
- Ability to contribute, lead, and collaborate with the Security Services Manager in establishing a growth and training program applicable to TA and RA roles.
- Very comfortable with working closely with security services stakeholders, architects, and engineers for project and program delivery milestones.
- Possesses advanced listening skills and advanced team dynamic problem solving, root cause analysis, and resolution.
- Has worked on and led efficient and effective IAM engineering teams of 2+ individuals in a demanding environment.
- Proven and demonstrable performance in critical thinking and usage of innovative thinking for enhancing engineering team capabilities and providing solutions for new challenges, issues, and requirements.
- 5+ years of experience in integrating security and IAM products in mid to large enterprises.
- 3+ years working knowledge of DevOps, CI/CD pipelines, and application containerization.
- 4+ years of experience across a variety of technologies such as databases, directory services, application servers, network infrastructures, Linux operating systems, and an understanding of fundamental security and data flows within these components.
- 4+ years of experience with identity management products such as One Identity, SailPoint, IBM, CA and/or Oracle Identity Manager (OIM) - desired.
- 4+ years of experience with Access Management and Federation products such as ForgeRock OpenAM, IBM Security Access Manager, or Oracle Access Manager.
- 3+ years of experience with requirements, design, implementation, integration, and testing for IAM component integration into on-premise and cloud-based applications.
- 3+ years of experience with managing and operating Unix or Linux based operating systems.
- 3+ years of experience with object-oriented programming languages (C++, Java, C#).
- 3+ years of web services development and implementation experience.
- 3+ years of experience with XML, REST, or JSON.
- Excellent verbal and written communication skills.
- Desired Certifications
  - CISSP highly preferred.