Identity & Directory Management Services Senior Engineer - PKI - REMOTE - Sierra Solutions Group
Vienna, VA 22182
About the Job
Job Summary
We are looking for an Identity & Directory Management Services Senior Engineer - PKI for our technology client. The role will support the design, administration, management, execution & maintenance of Identity & Directory Management Services (IDMS) and Identity, Credential, and Access Management (ICAM) solutions to meet the needs of the enterprise users & the enterprise architecture. These services, systems, and capabilities include, but are not limited to, directory services management, ICAM, privileged account management, Single Sign-On (SSO), Active Directory (AD) Domain Name System (DNS) services, Public Key Infrastructure (PKI), Multi-Factor Authentication (MFA), auditing and log management, Continuous Diagnostics and Mitigation/Dynamic and Evolving Federal Enterprise Network Defense (CDM/DEFEND), and the management of appliances. IT currently leverages Microsoft (MS) AD as the authoritative account management system.
Primary Responsibilities
- Manage the enterprise Key Management, Certificate Management, and PKI systems.
- Manage and maintain the PKI environment, including Microsoft Certificate Authorities and Certificate Revocation (CRL/OCSP) services.
- Extensive experience with Okta, including installation, configuration and migrations.
- Token management using the HID Credential Management Services.
- Knowledge of Hardware Security Modules (HSMs).
- Manage, administer, and support the IT MFA environment with SecureAuth, Okta or a similar platform.
- Manage, administer, and support ICAM systems and related support activities.
- Utilize automation and role-based management to ensure availability of access and continuity of services.
- Ensure requirements are gathered, processes defined, and use cases documented.
- Test and certify new product versions and bug fixes, and provide detailed reports.
- Providing on-call rotation support on a routine basis.
- Identifying process improvement opportunities for review and subsequent implementation.
- Providing positive customer service interactions for all levels of the organization up to and including senior executive staff.
- Performing root cause analysis, risk identification, and risk mitigation.
- Provide support and administration of the IT AD environment, systems, and associated data.
- Continuously review and assess the IT ICAM environment and provide recommendations for how to manage and administer the environment more efficiently.
- Ensure that all Group Policy Management (GPM) changes are controlled and documented.
- Other operational support duties as assigned.
- Developing new technologies to support existing applications or creating new applications using new technologies
- Participating in meetings with executives to discuss technical issues and propose solutions
- Collaborating with other members of the engineering team to design new features or improve existing ones
- Escalate issues to vendor and third-party entities, as necessary and directed by the Government
Education and Experience
- Public Trust Clearance or ability to obtain.
- ITILv4 Foundation Training and ITILv4 Foundation Certification, may be obtained within 120 days after hire.
- Possesses and applies a comprehensive knowledge across key tasks and high impact assignments.
- Plans and leads major technology assignments.
- Functions as a technical expert across multiple project assignments.
- Design and develop solutions to complex applications problems, system administration issues, or network concerns.
- Perform systems management and integration functions
- Proven ability to work independently in a full and/or partial remote environment with limited supervision and may supervise/lead others.
- Possess the ability to communicate in both oral and written forms, demonstrating an ability to communicate effectively with all levels of staff as well as clients.
- Maintain standard working hours and be available for meetings, and other collaborative efforts during working hours.
- Demonstrated ability to apply comprehensive knowledge across key tasks and high impact assignments with the ability to use practical experience and training to determine how to accomplish tasks.
- Bachelor of Science Degree (or equivalent) and 10 years of experience.
- 4+ years of experience working with IDMS systems.
- Experience as a remote worker demonstrating time management and self-discipline with cultural change management and Agile mindset.
- Strong knowledge of the different identity and access management (IAM) concepts, technologies and authentication protocols.
- Public Key Infrastructure (PKI):
  - Active Directory Certificate Services (AD CS).
  - HID Credential Management System (CMS).
  - HID ActivClient.
  - Federal PIV/CAC.
  - SafeNet Hardware Security Modules (HSMs).
- Identity Management services operations including but not limited to:
  - SailPoint IdentityIQ
  - SecureAuth
  - SAML 2.0
  - Forefront Identity Manager/Microsoft Identity Manager
  - Active Directory Federation Services
- Active Directory including but not limited to:
  - Microsoft Active Directory
  - Azure Active Directory
  - NetIQ DRA
  - NetIQ Group Policy Administrator (GPA)
  - Active Directory Lightweight Directory Services
- Vulnerability Mitigation
- Experience with Splunk engineering and administration.
- Privileged access management (PAM) systems such as CyberArk.
- Hands-on experience with cloud computing services (O365/Microsoft Azure/AWS).
- Experience with SailPoint IdentityIQ integration and operations.
- Okta certified
- PowerShell, Java and .NET scripting.
- An understanding of Zero Trust concepts.
- Proficiency in the Google Suite (Gmail, Calendar, Chat, Meet, Docs, Slides, Sheets), Microsoft Office (Word, Excel, PowerPoint, Outlook), Slack, and ServiceNow.
Source: Sierra Solutions Group