This position is a key member of the Cyber Security Administration and Engineering team responsible for the engineering, implementation, configuration, tuning and maintenance of customer identity and access management systems. The role will focus on systems and tools associated with external identity and access management capabilities including new implementations and optimization of existing technologies. The position will be responsible to support the introduction of technology and processes to optimize countermeasures for business services (IaaS, PaaS, SaaS, DaaS, etc.). Specific deliverables will support implementation of IAM technologies within ForgeRock, CA SiteMinder, IBM and Oracle platforms and will include LDAP, SSO, SAML, OAuth and Web Services security (SOAP and REST).
1. Performs installation, testing, monitoring, configuration, migration, maintenance and troubleshooting of assigned technology
2. Manages system/application environment and ongoing operations
3. Proactively monitors and reports performance and utilization of assigned technologies
4. Troubleshoots software and/or hardware issues/failures
5. Resolves alerts and performs remediation activities
6. Manages problem or escalated tickets and tasks and out of cycle requests from systems/software owners
7. Collects and presents data for reporting and planning
8. Assists with developing tactical strategies, processes and procedures related to systems/application administration
9. Collaborates with IT and business area partners on work groups and initiatives
10. Assist in identification of alternative configurations and approaches to enable business needs
11. Serves as a liaison with IT and business area partners to identify, understand, document and advise on security requirements, impacts and risks.
12. Develops and maintains documentation for security systems, procedures and security diagrams
13. Analyzes, proposes and implements solutions concerning residual risk, vulnerabilities and other security exposures.
14. Participates on assigned projects, ensuring that security best practices and requirements are considered and addressed.
15. Participates in initiatives to identify, select and implement technical controls
16. Develops information security processes, policies and procedures.
17. Advises on service level agreements and works to ensure that security controls are managed and maintained.
18. Other duties as assigned Must have:
Identity and Access Management (IAM) experience
API Security: REST and SOAP (WS-SE)
IaaS, PaaS, SaaS understanding
Microservices experience (Kubernetes, Docker, etc.)
Software Development Lifecycle: Waterfall and Agile Additional Requirements:
2-4 years of experience in Systems and Information Security administration with at least 1-2 years professional experience related to Identity and Access Management programs
More than 2 years experience with the Forgerock stack: OpenAM, OpenDJ, and OpenIDM
More than 2 years experience with the CA SiteMinder stack.
Hands on experience with the implementation of Identity Management/Identity & Access Management products (i.e. CA Single Sign-On, ForgeRock, etc.).
Hands on experience with implementing and supporting SAML and SSO technologies.
Hands on experience with implementing and supporting REST Services secure gateway
Knowledge of directory server (Oracle, TDS, AD, LDAP, etc.)
Experience with Oracle and SQL databases.
Understanding of how to secure cloud-based solutions (e.g. PaaS, SaaS or IaaS).
Demonstrate a working knowledge of multiple technologies and their interfaces and integration
Competency in one or more environments highly integrated with an operating system
Extensive experience implementing and administering/managing technical solutions in major, large-scale system implementations
Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response and identity and access management
Knowledge of network infrastructure including routers, switches, firewalls and associated network protocols and concepts.
Experience developing, documenting and maintaining security procedures.
Knowledge of operating systems and security applications, as well as a working knowledge of basic network protocols and tools.
Ability to manage tasks independently and take ownership of responsibilities
Ability to learn from mistakes and apply constructive feedback to improve performance
Strong customer focus with ability to manage customer expectations and experience and build long-term relationships.
Strong team-oriented interpersonal skills with the ability to interface with a broad range of people and roles including vendors and IT-business personnel.
Ability to adapt to a rapidly changing environment
Critical thinking skills to evaluate alternatives and present solutions that are consistent with business objectives and strategy.
Experience analyzing business requirements and translating them into technical solutions
Industry standard Cloud certifications: Certificate of Cloud Security Knowledge (CCSK),
Certified Cloud Security Professional (CCSP), CompTIA Cloud+
Industry standard Cyber Security Certifications: CompTIA Security+, CSANS GIAC Security Essentials (GSEC), Systems Security Certified Practitioner (ISC2 SSCP)
Comments for Suppliers: this role requires advanced checks to be completed as outlined in the handbook.