Identity and Access Management Systems Engineer

Our client is seeking to add an Identity and Access Management Systems Engineer to its Corporate Headquarters Information Security team.

This individual will be primarily responsible for testing, configuring, and setting standards and procedures, for Our client's Enterprise Directory, Web Access Management System (ISAM), and Identity Management System (ISIM). This individual will provide guidance on integrating the identity management authentication and authorization framework into new and existing applications. In addition, this individual will share responsibility for the engineering of new security solutions as well as support for policies and standards already in-place.

As one of the primary focus of the position is the development and implementation of the Web Access Management System, the ideal candidate will have experience working with web applications, web application servers (IIS, WebSphere, Domino) and have basic web programming knowledge(HTML, HTML forms, HTTP headers, etc.). In addition, the development of Our client's Enterprise Directory requires intermediate experience with database operation and SQL query design, and/or comparable LDAP query and update capabilities. Responsibilities will include directory replication solutions among directory systems, such as Active Directory, and RACF. Experience with Windows Domain Administration and Trust Relationships is required, including DHCP, DFS, DNS and WINS. Basic understanding of Windows networking is required. Experience with Java script coding is desirable for manipulation of the data objects, although experience with another scripting language is sufficient. Knowledge of Federated Identity and Web Services security concepts such as SAML, ADFS, WS-Federation and WS-Security is required. Knowledge of Microsoft AD Integration with Microsoft O365 Cloud/Microsoft Azure Active Directory is a plus.

In addition, the ideal candidate will have experience configuring and supporting an enterprise Identity Management system for access provisioning. Configuration includes the automation of role based access, segregation of duty, and background workflow for owner approval and periodic access review.

• Minimum 5 years of extensive and applied experience with Enterprise Access and Identity Management, working with Active Directory and Group Policy Object management, LDAP, Federations, SSO, including design, configuration, and deployment.

• Minimum 2 years of experience with supporting various authentication protocols (Kerberos, SAML, OAUTH, LDAP, etc.).

• Education (degree): Bachelor-level degree in engineering, information technology, computer science, or equivalent educational or professional experience and/or qualification

• Excellent troubleshooting skills, including the troubleshooting and debugging Active Directory technologies as well as troubleshooting network connectivity issues as they pertain to authentication and authorization.

• Must be able to think out of the box. The ability to troubleshoot non-standard issues/undocumented issues, to look at the big picture and see how a problem fits in and determine a solution that fits within the existing framework

All qualified applicants will receive consideration for employment
without regard to race, color, religion, place of origin, ethnic origin,
national origin, ancestry, age, sex, sexual orientation, gender
identity, transgender status, genetic information, mental or physical
disability, marital status, pregnancy, veteran status, or any other
characteristic protected by applicable national, state, or local law