Estimated Length: 12 Months Work hours: 37.50 Est. OT Hrs/Wk:
*PLEASE NOTE THIS POSITION WILL ALLOW CONSULTANT TO WORK REMOTELY. HOWEVER, CONSULTANT WILL BE REQUIRED TO COME ONSITE AS NEEDED BY THEIR MANAGER/TEAM (AT THEIR OWN EXPENSE).
The responsibilities will include the ability to develop and maintain the Enterprise-wide Identity Access Management (IAM) program. This position requires a highly skilled technical individual who will perform activities related to securing and expanding the foundation to support the IAM operation for all Client agencies' Operational and Information Technology networks.
- Project management expertise with implementations in large-scale enterprise Operational Technology and Information Technology environments.
- This position will also heavily require experience in implementing IAM technologies in mission-critical networks which require the highest levels of security (life safety, transportation systems, etc.).
- Strong understanding of Active Directory architecture in highly secure environments (Red Forest)
- Hardening of directory, secure structure, auditing of the directory and implementation of controls into the directory.
- Strong knowledge of Auditing Tools
- Ability to identify and manage risk in the IAM space
- Privilege Access Management for Operational and Information Technology Networks
- Strong understanding of PKI and smartcard deployments (passwordless environments for on-premises and cloud environments)
- Strong understanding of REST API and integration of tools
- Experience in network user account security, compliance and access best practices
- Experience with web services security solutions and application integration concepts
- Familiarity with Governance and Compliance issues and solutions as they relate to Identity Management
- Understanding and designing IAM solutions for heterogeneous environments and systems
- Working knowledge of a broad range of current security appliances, tools, and applications and security methodologies
- Excellent verbal and written communication skills
- Ability to clearly present and explain technical information
- Strong analytical and organizational skills
- Demonstrated competency in resolving diverse and complex business problems
- Must be able to work outside of normal working hours as needed to support and resolve security needs
• Architect, recommend solutions, support, maintain and develop the security infrastructure to support all Client Agencies under a centralized Identity Access Management (IAM) system
• Administration and support of Privileged Access Management (e.g., BeyondTrust Password Safe)
• Administration and support of Two-factor authentication (e.g., Duo Security, Azure)
• Administration and support of smartcard technologies for MFA (e.g., YubiKeys, certificates, etc.)
• Strong understanding of SAML 2.0, WS-Fed, Kerberos, Active Directory and LDAP
• Provide administrative support for the Client Enterprise-wide IAM and the associated systems
• Test and recommend patches and upgrades related to the Directory infrastructure, test and implement advanced authentication methods and coordinate maintenance on all associated IAM servers
• Establish and maintain the approval workflows required for each connecting application
• Manage the web interfaces used for user logins and user password self-service systems
• Assist with coordinating the build-out of IAM connectors to requested applications or systems
• Investigate and report back to management all issues and problems with published workflows
• Support and maintain the user password self-service systems
• Research and implement the upcoming technologies related to user authentication
• Assist with managing the login and access control lists (ACLs), such as but not limited to: Application Client, Single Sign-On and Client Trust services
• Maintain production application(s) in a running state on a 24 hours a day, 7 days a week basis.
• Assist with the timely and appropriate conduct of all mandated security-related access certifications and audits
• Participate in all disaster recovery drills.
• Familiar with BeyondTrust Privileged Remote Access (PRA). This solution empowers security professionals to control, monitor, and manage privileged users' access to critical systems.
Additional Skills and Information:
Teamwork and Leadership