Identity and Access Management (ForgeRock)

The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions.

• Report on controls, evidence gathering and control execution.
• Work collaboratively across IT and Business departments to implement technical solutions
• Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control.
• Research, recommend, and implement changes to procedures and systems to enhance systems security.
• Assist in communicating security policies and procedures to users.
• Assist internal and external customers with multi-platform security access issues and requests.
• Assist in identifying or developing tools or methods to track and monitor risk
• Support management with special projects and other duties as assigned.

Technical Skills

Microsoft Active Directory and LDAP

• Microsoft Active Directory and LDAP
• Experience working in and developing solutions for a highly regulated environment or organization that leverages a security framework (such as NIST, COBIT, etc).
• Experience supporting the ForgeRock Identity Platform including Identity Gateway, Access Manager, and Directory Server.
• Experience with Multi-Factor authentication protocols and systems (Entrust, Duo, or similar).
• Experience with Single-Sign on protocols (OIDC, OAuth2.0, SAML, SWA, etc) and systems (Okta, Ping, Siteminder, or similar).
• Development experience: Java, Javascript, Groovy
• Development experience: Python and shell scripting
• Solid understanding of Encryption and Network protocols (SSL, IPV4, HTTP)
• Basic knowledge of Linux operating system administration.
• Basic knowledge of Windows server and desktop operating systems
• Basic knowledge of Amazon Web Services (AWS)
• Basic knowledge of Controls, Risk Ranking/mapping, Remediation items and general IT audit
• Preferred (nice to have)
• Sailpoint Identity IQ administration or experience
• E-GRC/Archer
• ServiceNow
• Mainframe architecture
• CA-ACF2 Mainframe access control facilities
• Directory services, LDAP, and their inherent security (Active Directory, CA Directory).

Education and/or Experience

• Bachelor s degree in Computer Science, Engineering, or other related field, or equivalent experience
• 7+ Years Identity Access Management (IAM) experience preferred
• Hands-on IT or security operations experience
• Industry recognized certifications (CISSP, ITIL, etc)