First Republic is an ultra-high-touch bank that provides extraordinary client service. We believe that one-on-one interactions build lasting relationships. We move quickly to serve our clients' needs so that their financial transactions are handled with ease and efficiency. Client trust and security are paramount in our line of business. Ultimately, our goal is unsurpassed client satisfaction which will lead to personal referrals - our number one source of new business. We recognize that our competitive advantage starts with our people and our culture. At First Republic, we work hard and move quickly as a very coordinated team. If you are looking for an opportunity to grow and contribute in a fun, fast-paced environment, First Republic is the place for you. We have exceptional people focused on providing extraordinary service.
We are looking for an Access Engineer to be a part of our team. He/she will be responsible for driving the continued growth of our access management platform and extending its use across more applications. The candidate must have excellent skills on various Access Management products - primarily with PingFederate. The candidate must have strong working knowledge of standard-based access management technologies and concepts.
* Work with Access Management technologies such as PING, Active Directory, Radius based 2-factor.
* Configure Federated SSO for enterprise internal and third party SaaS applications.
* Responsible for the delivery of products and solutions for Single Sign-On via Ping Federate.
* Owns the quality of the implementation and follows the changes through all lower environments through production.
* Works closely with QA teams to ensure quality standards are being met.
* Understands the solution and the domain/ industry well and acts as subject matter expert to be able to understand the customer's requirement.
* If appropriate suggest alternatives to better the solution and alleviate the challenge/ issue being addressed.
* Works with application teams to gather SSO requirements and build out a solution in non-production & production environments.
* Responsible for performing unit testing on built and existing SAML assertions.
* Responsible for coordinating application onboarding with end client contacts, client project managers and application owners.
* Troubleshooting hardware and software experience both at the O/S level and the application level where required.
* Work with vendors on supporting the platform and upgrade activities.
* Maintenance of PingFed servers/ access software including performing upgrades, patches, and ensuring availability.
* Helps to establish a multi-year technology roadmap for Access Management.
* Participates in disaster recovery testing exercises.
* SKILLS, KNOWLEDGE AND EXPERIENCE:
* 4-7+ years of experience in identity management or related technologies.
* Possess good working knowledge in SailpointIQ System, Active Directory, Java and Web Based Technologies.
* Ability to synthesize robust and cost-effective technical solutions against customer requirements.
* Bachelor's Degree in Computer Science.
* Experience in tools such as Sailpoint, Service Now, or other identity management systems preferred.
* Understands the challenges in managing an identity system within an organization.
* 5 years of experience on Access Management products/domain.
* Experience in working with the single sign on protocols like SAML.
* Wiliness to learn and grow within the Access Management space.
* Familiarity with federation protocols such as SAML.
* Good understanding of access management, federated identity, 2-factor solutions, and LDAP directories.
* Good hands on experience in PingFederate or similar SSO solution a plus.
* Experience in installing and maintaining the PingFederate across different environments.
* Strong working knowledge of PingFederate Policy server, policy enforcement products/concepts.
* Knowledge in Radius and other MFA protocols.
* Working knowledge of SAML Federation & PingFederate.
* Excellent troubleshooting skills with PingFederate.
* Knowledge of Open ID Connect Policy, SAML, SOAP, WS-Security, OAuth.
* Experience with operating systems (Windows Server, Linux/Unix) and application servers.
* The ability to learn and comprehend basic instructions; understand the meanings of words and respond effectively; and perform basic arithmetic accurately and quickly.
* Vision must be sufficient to read data reports, manuals and computer screens.
* Hearing must be sufficient to understand a conversation at a normal volume, including telephone calls and in person.
* Speech must be coherent to clearly convey or exchange information, including the giving and receiving of assignments and/or directions.
* Position involves sitting most of the time, but may involve walking or standing for brief periods of time.
* Must be able to travel in a limited capacity.