Description

  • PKI as primary skill. IAM is Secondary
  • What is PKI?
  • What are the components?
  • How the certificate works?
  • What is IAM?
  • What is lifecycle of IAM?

 

We are looking for strong PKI as primary skill and IAM as secondary skill. Having knowledge in CIAM and any other cyber security domain would be added benefit.

 

Who are we looking for?

Senior PKI and CIAM Engineer specialized in Certificate management – Entrust, Venafi, Microsoft & Google; CIAM – ForgeRock, Jenkins, Looker, Tableau.

 

PKI:

  • Experienced in both internal and external certificate management processes.
  • Experience with Microsoft certificate authority
  • Experience in enterprise Key Management, distribution, and administration
  • Good understanding of PKI architecture, including policies, standards, strategies, automation, and governance
  • Customer focus for supporting hundreds of USPS/ ISPA applications / services using thousands of certificates.
  • Strong understanding of AD and exchange
  • Knowledge on PKI/ Hardware Security Modules/ KMIP/ Certificate Management/ Cryptography
  • Experience with ServiceNow Change/Incident/Problem management
  • Strong communication skills in dealing with IT developers and system administrators.
  • Basic knowledge of IT security principles, HIPAA, SOX, and PCI regulations
  • Computer security, specifically in Windows/ LINUX OS environment. 

 

Technical Skills: 

  • Familiarity with leading IAM concepts such as Least Privilege, Privileged Access, Roles and Data mining, Segregation of Experience in Identity and Access management in ForgeRock (OpenAM, OpenDJ, OpenIDM, OpenIG and their extensions with custom Java code Java development)
  • Engineering , enhancements & upgrades
  • Experience in SAML, OAuth, Open ID Connect protocols.
  • Experience in creating Looker, Tableau Dashboards
  • Experience in Jenkins
  • Implement authentication and authorization flows through Identity and Access Management Systems
  • Build API(s) which can be consumed through omni channel interfaces like Traditional Web Apps, Single Page Application Frameworks, Mobile, B2B systems, etc.

 

Process Skills: 

  • Performing daily health checks of the Active Directory Certificate Services(ADCS)  Server and Services to analyze potential alerts, warning and risk to infrastructure.
  • Maintain Certificate Inventory, management of issuance, revocation, and renewal of certificates (Internal & external).
  • Access control to certificate templates. 
  • Manage Certificate Features & Policies, document Key & Certificate Management Policies and updated periodically.
  • Co-ordinate with the infrastructure/ application team to get the required certificate request file. 
  • Support Alert management (Alerts through enterprise monitoring)
  • Capacity management along with Engineering, enhancements & upgrades
  • Support provisioning, de-provisioning, access validation, authentication, and troubleshooting
  • Provide support for IAM operational incidents and request.
  • Workflow, Policies, and rule creation
  • Troubleshooting rules and workflow failure issues
  • Patching support for CIAM tool 
  • Service restart for CIAM tool 
  • Investigate queries related to CIAM platform.
  • Realtime monitoring of CIAM tool. 
  • Alert management (Alerts through enterprise monitoring) for CIAM tool. 

 

Behavioral Skills:

  • 6+ years of professional experience working with Public Key Infrastructure & Identity Management solution. 
  • Effective interpersonal, team building and communication skills. 
  • You have a clear understanding of Certificate Lifecycle Management and Identity Lifecycle Management (provisioning, de-provisioning, authentication) 
  • You have a clear understanding of Identity Governance and Administration (IGA) with regards to access requests, integrations, provisioning, entitlements, and reporting 
  • You possess strong analytical and problem-solving skills and demonstrable ability to work independently as well as in a team environment. 
  • Excellent verbal and written user documentation skills 
  • Ability to communicate complex technology to no tech audience in simple and precise manner. 
  • Ability to collaborate; be able to communicate clearly and concisely both to laypeople and peers, be able to follow instructions, make a team stronger for your presence and not weaker.
  • Ability to see the bigger picture and differing perspectives; to compromise, to balance competing priorities, and to prioritize the user.
  • Desire for continuous improvement, of the worthy sort; always be learning and seeking improvement, avoid change aversion and excessive conservatism, equally avoid harmful perfectionism, "not-invented-here" syndrome and damaging pursuit of the bleeding edge for its own sake. 
  • Learn things quickly, while working outside the area of expertise.
  • Analyze a problem and realize exactly what all will be affected by even the smallest of change you make in your design.
  • Ability to communicate complex technology to no tech audience in simple and precise manner.

 

Certification: (Optional)

  • Venafi Security Administrator (VSA)
  • ForgeRock Certified Identity Management Specialist 
  • ForgeRock Certified Access Management Specialist

Education

Any Graduate