Identity, Credential and Access Management Systems Engineer

Identity, Credential and Access Management Systems Engineer

Gray Tier is seeking an Identity, Credential and Access Management Systems Engineer (formerly identity and access management / IdAM) to be responsible for the upkeep, configuration, and reliable operation of computer systems in support of DISA's Compartmented Enterprise Services Office (CESO) NOC. The Systems Engineer will to contribute to the deployment and maintenance of an ICAM solution to serve as a comprehensive Identity as a Service (IDaaS) platform for CESO.

With the CESO program, the Defense Information System Agency (DISA) is looking to transform the existing Secure Web Services (SWS) environment, which provides secure information sharing to the community, into a more mature service offering to meet the DoD and intelligence communities. As part of this mission, our team will manage the commercial cloud migration and disestablishment of legacy systems, fully automate the continuous development & continuous integration environment, fourth estate consolidation, professionalize services – ITIL/DevSecOps based processes, improve the customer experience 1st call resolution, and achieve development of a service catalog for Defense Working Capital Fund (DWCF) Model.

Primary Responsibilities

• Deploy and maintain the ForgeRock IdP (identity and access management platform).
• Implement identity access management and controls, to include single sign on, identity federation, enterprise directory architecture, and resource provisioning.
• Demonstrate advanced understanding of business processes, internal control risk management, IT controls and related standards
• Identify and evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement
• Understand complex business and information technology management processes
• Install, integrate, and deploy ForgeRock products in client environments using
• Communicate to clients and partners aspects of both the product and the implementation at the technical and functional level appropriate for the situation.
• Work with the Identity Access Management team to continue making enhancement to the Identity Access Management program.
• Work closely with development teams to perform user management, group management and password management requests.
• Create and maintain Identify Access Management metrics.
• Document various system access for all Users
• Support efforts regarding audit findings, adherence to compliance and organizational change.
• Responsible for working to resolve ForgeRock system issues escalated within the service level agreement.
• Ability to create, and modify CONOPS, and Standard Operating Procedure documents

Basic Qualifications

• BS in computer science or IT and 8 years of experience. Add'l experience may be considered in lieu of degree.
• IAT Level II Baseline Certification (e.g. CCNA Security, CySA , GICSP, GSEC, Security CE, CND, SSCP)
• Candidate must possess an Active TS/SCI clearance and ability to obtain and maintain CI Poly
• Experience with federation protocols (SAML, OAUTH, OpenID) and zero trust principles
• Experience with the ForgeRock platform
• Knowledge of Identity and Access Management platforms
• Knowledge of Linux Operating Systems
• Excellent written and oral communication skills
• Ability to work effectively with both technical and non-technical audiences
• Demonstrated ability to work in a complex, fast paced environment

Preferred Qualifications

• Prior experience with DISA and DISA’s support to mission partners
• Experience with: JISG Access Controls, Amazon Web Services, Ansible playbooks