Identity & Directory Management Services

Job Title: Identity and Directory Management Services (IDMS) Senior Engineer- PKI

Location: Remote in the US
Duration: Contract to Hire

Qualifications:

US Citizen who can obtain Public Trust Clearance or Public Trust Clearance Holder
ITILv4 Foundation Training and ITILv4 Foundation Certification may be obtained within 120 days after hire.

Job Summary:

We are seeking an Identity and Directory Management Services (IDMS) Senior Engineer with expertise with PKI to support the design, administration, management, execution & maintenance of the company’s Identity & Directory Management Services (IDMS) and Identity, Credential, and Access Management (ICAM) solutions to meet the needs of the enterprise users & the enterprise architecture. These services, systems, and capabilities include but are not limited to, directory services management, ICAM, privileged account management, Single Sign-On (SSO), Active Directory (AD) Domain Name System (DNS) services, Public Key Infrastructure (PKI), Multi-Factor Authentication (MFA), auditing and log management, Continuous Diagnostics and Mitigation/Dynamic, Evolving Federal Enterprise Network Defense (CDM/DEFEND), and the management of appliances. The company currently leverages Microsoft (MS) AD as the authoritative account management system.

Job Responsibilities:

Manage the enterprise Key Management, Certificate Management, and PKI systems.
Manage and maintain the PKI environment, including Microsoft Certificate Authorities and Certificate Revocation CRL/ OCSP services.
Provide advanced support for IAM/SSO/MFA by troubleshooting a variety of difficult software problems, implementing bug fixes, and performing root cause analysis using agile methodologies.
Token management by using the HID Credential Management Services
Implement technical capabilities including IAM solutions and application integrations, to enhance enterprise security risk posture.
Intimately familiar with IAM-related protocols such as SAML, SPML, XACML, SCIM, OAuth, OIDC, OpenID and REST APIs, and other security interfaces.
Manage, administer, and support the MFA environment.
Manage, administer, and support ICAM systems and related support activities.
Utilize automation and role-based management to ensure availability of access and continuity of services
Ensure requirements are gathered, processes defined, and use cases documented.
Test and certify new product versions, bug fixes, and provide detailed reports.
Providing on-call rotation support on a routine basis.
Identifying process improvement opportunities for review and subsequent implementation.
Providing positive customer service interactions for all levels of the organization up to and including senior executive staff.
Performing root cause analysis, risk identification, and risk mitigation.
Provide support and administration of the AD environment, systems, and associated data.
Continuously review and assess the ICAM environment and provide recommendations for how to manage and administer the environment more efficiently.
Ensure that all Group Policy Management (GPM) changes are controlled and documented.
Provide Proof of Concepts and Pilots for Advancing Zero Trust and final implementation to transfer Zero Trust integration to infrastructure engineering support.
Collaborating with other members of the engineering team to design new features or improve existing ones
Escalate issues to vendor and third-party entities, as necessary and directed by the Government.

Job Required Qualifications:

Bachelor's degree or equivalent. Preference for master's degree in a computer science-related field.
Public Trust Clearance or ability to obtain.
ITILv4 Foundation Training and ITILv4 Foundation Certification may be obtained within 120 days after hire.
7-12 years of experience
5+ years of direct experience providing engineering and operations support for PKI solutions.
7+ years of experience with IDMS systems.
Integration experience with SAML, OpenID Connect, RADIUS, and Oauth.
Integration experience with Multi-Factor Authentication.
Integration experience with Passwordless Authentication.
Experience as a remote worker demonstrating time management and self-discipline with cultural change management and an Agile mindset.

Job Desired Qualifications:

Strong knowledge of the different identity and access management (IAM) concepts, technologies, and authentication protocols.
Active Directory including but not limited to:
-Microsoft Active Directory
-Azure Active Directory
-NetIQ DRA
-NetIQ Group Policy Administrator (GPA)
-Active Directory Lightweight Directory Services
-Vulnerability Mitigation
Identity Management services operations including but not limited to:
-SailPoint IdentityIQ
-SecureAuth
-SAML 2.0
-Forefront Identity Manager/Microsoft Identity Manager
-Active Directory Federation Services
-Okta
Experience with Splunk engineering and administration.
Experience with privileged access management (PAM) systems such as CyberArk.
Hands-on experience with cloud computing services (O365/Microsoft Azure/AWS).
Experience with SailPoint IdentityIQ integration and operations.
Experience with network architecture.
Powershell, java, and .NET scripting.
An understanding of Zero Trust concepts.
Strong experience with Directories, SSO, Federation, Delegated administration, API gateways, and SOA services.
Strong communication skills with customers over the phone, email, or ticketing system.
Must be willing to work a variety of shifts, including holidays as scheduled.

Job Physical Requirement:

The physical demands described below are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform essential functions. While performing the duties of this job, the employee is regularly required to do the following:
If remote, safely maintain home workspace, free from safety hazards and in line with information security policies.
Communicate verbally in person, over the phone, or by video chat and clearly/succinctly in writing, primarily utilizing a keyboard.
Appear on camera for meetings with co-workers and government partners via video chat and ensure the protection of proprietary company and customer information is consistent with the company’s expectation of information security.
Viewing computer screens and sitting for long periods.
Travel is not required.

Job Benefits:

Comprehensive Benefits: Health, dental, and vision coverage for you and your family.
Financial Security: Build a strong future with our 401(k) plan.
Work-Life Balance: Generous Paid Time Off (PTO) and sick leave policies.
Professional Growth: Ongoing learning and development opportunities.
Cutting-Edge Environment: Work with the latest tools and technology.
Inclusive Culture: Thrive in a diverse and collaborative workplace.
Employee Assistance Program: Confidential counseling and support services.
Wellness Initiatives: Fitness classes and mental health resources.
Community Engagement: Contribute to positive change through volunteer programs.