Identity & Directory Management Services Senior Engineer - PKI - REMOTE - Sierra Solutions Group

Vienna, VA 22182

About the Job

Job Summary
We are looking for an Identity & Directory Management Services Senior Engineer- PKI for our technology client. The role will support the design, administration, management, execution & maintenance of Identity & Directory Management Services (IDMS) and Identity, Credential, and Access Management (ICAM) solutions to meet the needs of the enterprise users & the enterprise architecture. These services, systems, and capabilities include, but not limited to, directory services management, ICAM, privileged account management, Single Sign-On (SSO), Active Directory (AD) Domain Name System (DNS) services, Public Key Infrastructure (PKI), Multi-Factor Authentication (MFA), auditing and log management, Continuous Diagnostics and Mitigation/Dynamic and Evolving Federal Enterprise Network Defense (CDM/DEFEND), and the management of appliances. IT currently leverages Microsoft (MS) AD as the authoritative account management system.

Primary Responsibilities

Manage the enterprise Key Management, Certificate Management, and PKI systems.
Manage and maintain the PKI environment, to include Microsoft Certificate Authorities and Certificate Revocation CRL/ OCSP services.
Extensive experience with Okta includes installation, configuration and migrations.
Token management by using the HID Credential Management Services
Knowledge of Hardware Security Module (HSM's)
Manage, administer, and support the IT MFA environment with Secureauth, OKTA or similar platform
Manage, administer, and support ICAM systems and related support activities.
Utilize automation and role-based management to ensure availability of access and continuity of services.
Ensure requirements are gathered, processes defined, and use cases documented.
Test and certify new product versions, bug fix and provide detailed reports.
Providing on-call rotation support on a routine basis.
Identifying process improvement opportunities for review and subsequent implementation.
Providing positive customer service interactions for all levels of the organization up to and include senior executive staff.
Performing root cause analysis, risk identification, and risk mitigation.
Provide support and administration of the IT AD environment, systems, and associated data.
Continuously review and assess the IT ICAM environment and provide recommendations for how to manage and administer the environment more efficiently.
Ensure that all Group Policy Management (GPM) changes are controlled and documented.
Other operational support duties as assigned.
Developing new technologies to support existing applications or creating new applications using new technologies
Participating in meetings with executives to discuss technical issues and propose solutions
Collaborating with other members of the engineering team to design new features or improve existing ones
Escalate issues to vendor and third-party entities, as necessary and directed by the Government

Education and Experience

Public Trust Clearance or ability to obtain.
ITILv4 Foundation Training and ITILv4 Foundation Certification, may be obtained within 120 days after hire.
Possesses and applies a comprehensive knowledge across key tasks and high impact assignments.
Plans and leads major technology assignments.
Functions as a technical expert across multiple project assignments.
Design and develop solutions to complex applications problems, system administration issues, or network concerns.
Perform systems management and integration functions
Proven ability to work independently in a full and/or partial remote environment with limited supervision and may supervise/lead others.
Possess the ability to communicate in both oral and written forms, demonstrating an ability to communicate effectively with all levels of staff as well as clients.
Maintain standard working hours and be available for meetings, and other collaborative efforts during working hours.
Demonstrated ability to apply comprehensive knowledge across key tasks and high impact assignments with the ability to use practical experience and training to determine how to accomplish tasks.
Bachelor of Science Degree (or equivalent) and 10 years of experience.
4+ year experience working with IDMS systems.
Experience as a remote worker demonstrating time management and self discipline with cultural change management and Agile mindset.

Preferred Skills:

Strong knowledge of the different identity and access management (IAM) concepts, technologies and authentication protocols.
Public Key Infrastructure (PKI):
- Active Directory Certificate Services (AD CS).
- HID Credential Management System (CMS).
- HID ActivClient.
- Federal PIV/CAC.
- Safenet Hardware Security Module (HSM's).
Identity Management services operations including but not limited to:
- SailPoint IdentityIQ
- SecureAuth
- SAML 2.0
- Forefront Identity Manager/Microsoft Identity Manager
- Active Directory Federation Services
Active Directory including but not limited to:
- Microsoft Active Directory
- Azure Active Directory
- NetIQ DRA
- NetIQ Group Policy Administrator (GPA)
- Active Directory Lightweight Directory Services
- Vulnerability Mitigation
Experience with Splunk engineering and administration.

Privileged access management (PAM) systems such as CyberArk.
Hands-on experience with cloud computing services (O365/Microsoft Azure/AWS).
Experience with SailPoint IdentityIQ integration and operations.
Okta certified
Powershell, java and .NET scripting.
An understanding of Zero Trust concepts.
Proficiency in the Google Suite (Gmail, Calendar, Chat, Meet, Docs, Slides, Sheets), Microsoft Office (Word, Excel, PowerPoint, Outlook), Slack, and ServiceNow.

Source : Sierra Solutions Group