Senior Identity Access Management Engineer/Okta
Posted on May 3, 2022 by Request Technology - Craig Johnson
*We are unable to sponsor for this permanent Full time role*
*Position is bonus eligible*
Prestigious Enterprise Company is currently seeking a Sr. Middleware Engineer. Candidate will focus on building and implementing the Identity and Access Management Security Strategies. This includes analysis, design and implementation of Identity and access management (IAM), roles-based access control (RBAC) strategies, on boarding new applications within standards, strengthening user access approval processes, simplifying user access provisioning processes and streamlining user access certification processes. This position is key to enabling a Single Sign On (SSO) experience for authentication and authorization to enterprise systems.
This position also has shared responsibility for production support of IAM Infrastructure including operations, development and system administration. This involves services on the Servers and understanding of the overall infrastructure to include the hardware and design, data centers, networks, ports, load balancers, and how all the components interact. Analyze all aspects of the existing infrastructure and recommend modifications that will enhance system reliability, availability, serviceability and scalability.
- Supports the delivery of provisioning process improvement in Role Based Access Controls.
- Enable Single Sign On integrations in multiple integration frameworks, examples include SAML, OAUTH, Open ID
- Troubleshoot application authentication issues for SSO infrastructure, LDAP and additional connected and related system issues.
- Collaborate with project teams and architecture to deliver on key initiatives.
- Participates in on-call responsibilities for critical highly available applications
- Conducts change control and device configuration management activities on all IAM technologies, including inspection or reviews of peer's changes, as well as implementation of changes and support of changes related to the IAM Platform.
- Align new and existing applications and systems to Company's IAM/RBAC framework
- Collaborate with the team and architecture on new platforms, IAM roadmap; assess security risks, and identity long-term strategy recommendations.
- Establish solid working relationships with compliancy teams, internal auditors and external auditors
- Establish long-term working relationships with technical resources and business partners
- Proactively identifies gaps, plans, implements, updates, maintains, monitors, and supports enterprise IAM Tools.
- Actively protects the availability, confidentiality, and integrity of customer, employee, and business identity.
- Contribute to the Risk Assessment Program including identifying and scoring risk.
- Contributes to Enterprise IS security team effectiveness by accomplishing additional IAM related results as needed
- Supports the execution of projects and initiatives
- Participates in operations and tactical planning
- Bachelor's degree in related technical/business areas or equivalent work experience
- Minimum 7 years' experience implementing and improving user account provisioning, role provisioning and user access certification processes
- Minimum 5 years' experience with IAM/RBAC related projects with identity and access management products
- Strong infrastructure design and documentation skills
- Strong experience in analysing logs and identifying problems with authentication and authorization.
- Solid understanding of related identity management products, including certificate management, PIM, Multi-factor authentication strategies etc.
- Proven change management skills; proven change agent who consistently delivers results
- Highly flexible and able to adapt to change
- Strong verbal and written communication skills
- Strong organizational and interpersonal skills
- Strong team player with proven collaboration skills
- Strong critical thinking and problem-solving skills
- Experience with PingFederate enterprise federation server for user authentication and Single Sign-on
- Experience with Okta - enterprise-grade, identity management service
- Solid understanding of UNIX/Linux operating systems; Solid Understanding of the common UNIX and Windows utilities, diagnostic and monitoring tools; Solid Understanding of Certificate management; Familiarity with PIM Tools, such as CyberArk, Thycotic; Familiarity with multi-factor; Scripting experience with Perl, Shell and/or Java highly preferred; Solid understanding of network protocols, LAN, WAN, SSL, Firewall, Load Balancer, and DMZ configurations.
- Experience with federation services, including SAML, Reverse Proxy, OAUTH
- Experience with configuring Single-Sign-On authentication schemes across a variety of access management and federation solutions such as Micro-Focus (NetIQ) Access Manager, Ping, SiteMinder, SailPoint etc.
- Experience with Identity Management Infrastructure, LDAP and connected systems, including Micro-Focus (NetIQ) IDM and eDirectory.