Job ID :
Company :
Internal Postings
Location :
Type :
Duration :
6+ Months
Salary :
Status :
Openings :
Posted :
25 May 2018
Job Seekers, Please send resumes to
My client, a financial institution in Washington, DC, has a 6+ month contract position available for an Identity and Access Management Engineer.

Position Overview:

The Enterprise Computing & Cloud Services (ITSEC) department is responsible for providing and maintaining the IT infrastructure framework, which supports staff and business applications in an efficient and cost-effective manner. The department strives to provide quality services to meet a variety of business requirements, and its performance is regularly assessed by means of industry relevant benchmarks and annual certification/compliance with standards frameworks, including SOX, ISO20000, and ISO27001.

The scope of activities for ITSEC department includes a wide range of services, including data center operations, desktop and server support for Windows, UNIX and Linux, and Identity and Access Management infrastructure. The services are tightly integrated and standardized in a way to provide 24x7 availability and transparency to WBG employees and clients around the world.

The department’s Identity and Access Management (ITSES) Unit is responsible for inter alia, evaluation, testing, and implementation of emerging technologies related to authentication and authorization, web access management, the enterprise directory, identity and access governance, and encryption and Certification Authority (PKI) services.

Essential Job Functions:
  • Support the SailPoint IIQ service for the client
  • System administration tasks include:
    • Maintain the infrastructure with system patches and upgrade
    • Troubleshoot and resolve SailPoint IIQ infrastructure related issues
    • Work with application developers (workflow), application teams (DB, Web, and Server Admins), and Network and Security teams
    • Engage with the SailPoint technical support, if necessary
  • Develop necessary scripts to produce specific SailPoint IIQ reports requested by service users
  • Support the AD FS and FIM services for Office 365 cloud messaging and SharePoint applications environments
  • Work with different project teams to understand their specific authentication and authorization needs and support them by integrating their applications with the available identity and access solutions
  • Evaluate and provide feedback on future authentication and authorization technologies
  • Assess and provide recommendations on their business relevance and deployment
  • Maintain the optimal performance of IAM infrastructure resources by monitoring and assessing hardware/software performance
  • Ensure that performance meets present and future business needs
  • Recommend changes/enhancements to improve system availability, reliability, and performance
  • Provide third-level engineering support for resolving client issues within an ITIL Methodology, including adherence to ISO20000 and ISO27001
  • Participate in data center load shift and disaster Recovery exercises
  • Review all system documentation to be delivered according to specified guidelines (e.g., Standard Operating Procedures)
  • Maintain technical documentation
  • Conduct regular or emergency maintenance or software upgrades following the formal change management process
  • Perform troubleshooting for security incidents that require software and network forensic analysis, in close collaboration with OIS and other ITS Shared Services teams
  • Define metrics to be used for management status and statistical reports
  • Provide on-going knowledge transfer to team members and clients on security products and standards
Educational Qualifications and Experience:
  • Education: Master’s degree in Computer Science in Computer Science or Electrical Engineering
  • Role Specific Experience: 7+ years of experience in computer/electrical/software engineering experience in information security and identity management fields
  • 2+ years of experience in configuring, deploying, and maintaining SailPoint IIQ infrastructure in an enterprise setting
  • Extensive experience in supporting Windows Active Directory, including AD group policy deployment, and GPO for securing corporate computers
  • Experience in troubleshooting system hardware and software, particularly to investigate problems related to device drivers
  • Operational experience with Microsoft Forefront Identity Manager (FIM) is a plus
  • Experience with configuring, deploying, and maintaining Microsoft Active Directory Federation Services (AD FS) for cloud applications
  • Experience with Identity Federation solutions such as CA SiteMinder Federation
Certification Requirements:
  • Certified Information Systems Security Professional (CISSP) by (ISC)2 and GIAC Certified Forensic Examiner (GCFE), or advanced information security training by educational organizations, such as SANS Institute
Required Skills/Abilities:
  • Expert knowledge of Web Access Management (WAM) and Enterprise Directory concepts (such as LDAP, Virtual Directory, Meta Directory, and LDIF)
  • Expert knowledge in the areas of Microsoft Exchange, Office 365, Lync, SQL, and Certification Authority
  • Expert understanding of Context-based Authentication and Risk-based Authentication solutions, particularly their effective use on mobile and unmanaged devices accessing corporate and cloud applications
  • Expert understanding of system software design and development methodologies and implementation experience
  • Expert knowledge of TCP/IP networking and protocols (DNS, ICMP, SMB, SSL/TLS, etc.)
  • Familiarity with performance analysis using performance monitoring and tuning tools
  • Strong analytical thinking skills
  • Excellent interpersonal skills, including an ability to work effectively in a team/task force as a participant or team leader
  • Flexibility to manage environment changes and emerging opportunities
  • Ability to balance risks and reprioritize, as needed
  • Demonstrate continuing professional development
  • Superior verbal and written communication/presentation skills in English
Desired Skills/Abilities (not required but a plus):
  • Experience with Oracle Directory Server Enterprise Edition and Radiant Logic VDS in a business environment
  • C++, C#, Java, or Python programming and scripting knowledge in Linux and Windows environments.