Logo
Randstad Digital

Identity and Access Management Engineer

Randstad Digital, Colorado Springs, CO, United States


Secret Security Clearance Required

US Citizens only

100% onsite

The selected candidate will support the DevSecOps team to design, develop, test, implement, and integrate IAM systems. They will also manage user provisioning and access management processes, monitor, and analyze access logs and security events, implement, and maintain technologies to ensure audit and privacy compliance. The IAM engineer can will manage certificate requests in a CA Service and assist with implementing a certificate management plan for the program. You will work with the architecture, engineering, operations, and support teams to create and maintain standards, deploy new solutions, administer, automate, and support Microsoft Identity Manager and Privileged Account Vaulting solutions.

Emerging authority typically with an advanced degree and 7+ years\' experience or bachelors with 9+ years\' experience or equivalent. Appropriate IAM Level III DoDI 8570 certification required. Internal candidates with IAT Level II cert and the ability to obtain IAM Level III cert within the 8570 prescribed guidelines will be considered as well.

Qualifications: • Technical experience in systems integration or software engineering of identity and access management (IAM) solutions (Delinea, Axway Desktop Validator, Active Directory, Java Applications, 802.1X) • Participate in efforts to deploy new and optimize existing solutions, automate, create standards, and govern technologies including but not limited to PKI/MFA, Delinea and Active Directory. • Experience with role-based access controls and configuring automated provisioning and deprovisioning of RBAC. • Implement security measures to protect against unauthorized access and ensure compliance with industry regulations and internal policies. • Advanced understanding of UNIX security, as it relates to user access and provisioning. • Extensive knowledge and experience with identity and access management technology, such as single sign-on (SSO), two-factor authentication, privileged access management, etc. • Experience with Linux/Unix, Windows, scripting (with programming languages such as Bash, PowerShell, or Perl), SQL, LDAP, and web services. • Experience with one or more programming languages such as Java, C#, C/C++, Python, or JavaScript • Develop PowerShell scripts for administrative and automation tasks. • Support Security Engineering efforts and Cyber Roadmap development and maturation. • Support ongoing Security Engineering and architecture efforts. • Establish and maintain reliable backup and recovery processes for Active Directory, ensuring minimal downtime in the event of data loss or system failure. • Work closely with other IT teams to integrate Active Directory services with other systems, applications, and infrastructure components. • Create and maintain comprehensive documentation for Active Directory configurations, policies, and procedures.

Must be an effective communicator with excellent writing. Must be responsible to work independently / solo at times on large projects, at other times will be in a collaborative team environment with other DevSecOps engineers, as well as other program development and deployment teams. • 3-5 years’ experience supporting Microsoft Active Directory & related technologies • 3-5 years\' experience with continuous integration environments in Network, Software, or platform infrastructure capability automation, development, and deployment. • Experience with Linux/UNIX or Windows system administration • Experience with a shell scripting language (e.g., Python, Powershell, etc.). Desired: • Experience with automation/configuration management using Ansible, GitLab, Nexus or other equivalent technology