SSO Integration Engineer Specialist
Location: Reston, VA
Work with Security Architecture and Engineering team to design secure SSO integration patterns and work with our partners and customers to implement these delivery patterns. Develop and help to mature security policies in partnership with GRC, Audit, and Compliance. Perform IAM architecture reviews and assessments in addition to providing consultation with our partners. Technical delivery of projects including managing scope, schedule, documentation, configuration, testing, etc. Provide timely, concise, and situationally appropriate status on projects and engagements. Work on automation and scripting to enable self-service environments and processes where practical. Develop and deliver technical training designed to enable and educate additional IAM implementation support and maintenance teams.
• Knowledge of and working experience with Web Access Management (WAM) technologies such as IBM Tivoli Access Manager (TAM), IBM Security Access Manager (ISAM) and Ping Identity, and/or other similar solutions.
• Experience should include installation, clustering, patching, backups, and other administration activities.
• 3 – 5 years of WAM administration experience
• Knowledge of various reverse proxy integration methods with backend systems is a must
• Strong understanding of Identity and Access Management (IAM) and Identity Access Governance (IAG) concepts and prior working experience with IAM tools
• Knowledge and understanding of LDAP and other directory technology including virtual directory (Schema, Directory Information Tree, Disaster Recovery, and backup)
• Knowledge and understanding of security practices as relates to WAM, federation, cross domain authentication, multifactor authentication and other advanced authentication/authorization technology
• Knowledge and experience with federation standards SAML, OpenID Connect, Oauth
• Troubleshooting/Debugging Skills: Splunk, WireShark, SAML Tracer, Fiddler, Application Performance Management tools, and SIEM platforms
Additional Nice to Have Skills/Knowledge
• Understanding of Privileged Access Management such as CyberArk, Centrify or similar tools
• Understanding of Identity Access Governance tools such as Sailpoint, Oracle Identity Manager, or similar tools
• Understanding of processes and migration from ISAM to Ping
• BS Computer Science equivalent or more