Previous Job
Previous
Identity and Access Management Engineer
Ref No.: 18-06637
Location: Washington, District of Columbia
My client, an international organization in Washington, DC, has a long-term contract opportunity for an Identity and Access Management Engineer.

This position is for integrating and implementing Security in DevOps. Integrating requires familiarity with DevOps tools such as VSTS and TFS. Implementing requires familiarity with Security tools. Implementing requires programming background in Python and PowerShell and leveraging AWS, Azure, and ADAL SDKs for Python. Selenium scripting is a bonus.

Position Overview:
The Enterprise Computing & Cloud Services (ITSEC) department is responsible for providing and maintaining the IT infrastructure framework, which supports staff and business applications in an efficient and cost-effective manner. The department strives to provide quality services to meet a variety of business requirements, and its performance is regularly assessed by means of industry relevant benchmarks and annual certification/compliance with standards frameworks, including SOX, ISO20000, and ISO27001.

The scope of activities for ITSEC department includes a wide range of services, including data center operations, desktop and server support for Windows, UNIX and Linux, and Identity and Access Management infrastructure. The services are tightly integrated and standardized in a way to provide 24x7 availability and transparency to employees and clients around the world.

The department's Identity and Access Management (ITSES) Unit is responsible for inter alia, evaluation, testing, and implementation of emerging technologies related to authentication and authorization, web access management, the enterprise directory, identity and access governance, and encryption and Certification Authority (PKI) services.

Essential Job Functions:
• Support the SailPoint IIQ service for the client
• System administration tasks include:
o Maintain the infrastructure with system patches and upgrade
o Troubleshoot and resolve SailPoint IIQ infrastructure related issues
o Work with application developers (workflow), application teams (DB, Web, and Server Admins), and Network and Security teams
o Engage with the SailPoint technical support, if necessary
• Develop necessary scripts to produce specific SailPoint IIQ reports requested by service users
• Support the AD FS and FIM services for Office 365 cloud messaging and SharePoint applications environments
• Work with different project teams to understand their specific authentication and authorization needs and support them by integrating their applications with the available identity and access solutions
• Evaluate and provide feedback on future authentication and authorization technologies
• Assess and provide recommendations on their business relevance and deployment
• Maintain the optimal performance of IAM infrastructure resources by monitoring and assessing hardware/software performance
• Ensure that performance meets present and future business needs
• Recommend changes/enhancements to improve system availability, reliability, and performance
• Provide third-level engineering support for resolving client issues within an ITIL Methodology, including adherence to ISO20000 and ISO27001
• Participate in data center load shift and disaster Recovery exercises
• Review all system documentation to be delivered according to specified guidelines (e.g., Standard Operating Procedures)
• Maintain technical documentation
• Conduct regular or emergency maintenance or software upgrades following the formal change management process
• Perform troubleshooting for security incidents that require software and network forensic analysis, in close collaboration with OIS and other ITS Shared Services teams
• Define metrics to be used for management status and statistical reports
• Provide on-going knowledge transfer to team members and clients on security products and standards

Educational Qualifications and Experience:
• Education: Master's degree in Computer Science in Computer Science or Electrical Engineering
• Role Specific Experience: 7+ years of experience in computer/electrical/software engineering experience in information security and identity management fields
• 2+ years of experience in configuring, deploying, and maintaining SailPoint IIQ infrastructure in an enterprise setting
• Extensive experience in supporting Windows Active Directory, including AD group policy deployment, and GPO for securing corporate computers
• Experience in troubleshooting system hardware and software, particularly to investigate problems related to device drivers
• Operational experience with Microsoft Forefront Identity Manager (FIM) is a plus
• Experience with configuring, deploying, and maintaining Microsoft Active Directory Federation Services (AD FS) for cloud applications
• Experience with Identity Federation solutions such as CA SiteMinder Federation

Certification Requirements:
• Certified Information Systems Security Professional (CISSP) by (ISC)2 and GIAC Certified Forensic Examiner (GCFE), or advanced information security training by educational organizations, such as SANS Institute

Required Skills/Abilities:
• Expert knowledge of Web Access Management (WAM) and Enterprise Directory concepts (such as LDAP, Virtual Directory, Meta Directory, and LDIF)
• Expert knowledge in the areas of Microsoft Exchange, Office 365, Lync, SQL, and Certification Authority
• Expert understanding of Context-based Authentication and Risk-based Authentication solutions, particularly their effective use on mobile and unmanaged devices accessing corporate and cloud applications
• Expert understanding of system software design and development methodologies and implementation experience
• Expert knowledge of TCP/IP networking and protocols (DNS, ICMP, SMB, SSL/TLS, etc.)
• Familiarity with performance analysis using performance monitoring and tuning tools
• Strong analytical thinking skills
• Excellent interpersonal skills, including an ability to work effectively in a team/task force as a participant or team leader
• Flexibility to manage environment changes and emerging opportunities
• Ability to balance risks and reprioritize, as needed
• Demonstrate continuing professional development
• Superior verbal and written communication/presentation skills in English

Desired Skills/Abilities (not required but a plus):
• Experience with Oracle Directory Server Enterprise Edition and Radiant Logic VDS in a business environment
• C++, C#, Java, or Python programming and scripting knowledge in Linux and Windows environments

Contractor Benefits*

Medical
Dental
Vision
401(k)

*benefits are available only to W2 Contractors

Who is NTT Data?

NTT DATA is a leading IT services provider and global innovation partner with 100,000 professionals based in over 50 countries. NTT DATA emphasizes long-term commitment and combines global reach and local intimacy to provide premier professional services, including consulting, application services, business process and IT outsourcing, and cloud-based solutions. We're part of NTT Group, one of the world's largest technology services companies, generating more than $100 billion in annual revenues and partner to 80% of the Fortune 100. Visit www.nttdata.com/americas to learn how our consultants, projects, managed services, and outsourcing engagements deliver value for a wide range of businesses and government agencies.

The Company is an equal opportunity employer and makes employment decisions on the basis of merit and business needs. The Company will consider all qualified applicants for employment without regard to race, color, religious creed, citizenship, national origin, ancestry, age, sex, sexual orientation, genetic information, physical or mental disability, veteran or marital status, or any other class protected by law. To comply with applicable laws ensuring equal employment opportunities to qualified individuals with a disability, the Company will make reasonable accommodations for the known physical or mental limitations of an otherwise qualified individual with a disability who is an applicant or an employee unless undue hardship to the Company would result.