Centraprise
Senior PKI and CIAM Engineer
Centraprise, Marietta, Georgia, United States, 30064
Senior PKI and CIAM EngineerLocation Preference: Marietta, GA (Remote until client requirement. Be flexible for onsite/hybrid later (with 1-month prior intimation))Fulltime Permanent
Note: Team is looking for candidates with strong hands-on experience on below skills. Need profiles urgently. Please call me if you have any questions.
PKI as primary skill. IAM is SecondaryWhat is PKI?What are the components?How the certificate works?What is IAM?What is lifecycle of IAM?
Who are we looking for?Senior PKI and CIAM Engineer specialized in Certificate management - Entrust, Venafi, Microsoft & Google; CIAM - ForgeRock, Jenkins, Looker, Tableau.
PKI:Experienced in both internal and external certificate management processes.Experience with Microsoft certificate authorityExperience in enterprise Key Management, distribution, and administrationGood understanding of PKI architecture, including policies, standards, strategies, automation, and governanceCustomer focus for supporting hundreds of USPS/ ISPA applications / services using thousands of certificates.Strong understanding of AD and exchangeKnowledge on PKI/ Hardware Security Modules/ KMIP/ Certificate Management/ CryptographyExperience with ServiceNow Change/Incident/Problem managementStrong communication skills in dealing with IT developers and system administrators.Basic knowledge of IT security principles, HIPAA, SOX, and PCI regulationsComputer security, specifically in Windows/ LINUX OS environment.
Technical Skills:Familiarity with leading IAM concepts such as Least Privilege, Privileged Access, Roles and Data mining, Segregation of Experience in Identity and Access management in ForgeRock (OpenAM, OpenDJ, OpenIDM, OpenIG and their extensions with custom Java code Java development)Engineering , enhancements & upgradesExperience in SAML, OAuth, Open ID Connect protocols.Experience in creating Looker, Tableau DashboardsExperience in JenkinsImplement authentication and authorization flows through Identity and Access Management SystemsBuild API(s) which can be consumed through omni channel interfaces like Traditional Web Apps, Single Page Application Frameworks, Mobile, B2B systems, etc.
Process Skills:Performing daily health checks of the Active Directory Certificate Services(ADCS) Server and Services to analyze potential alerts, warning and risk to infrastructure.Maintain Certificate Inventory, management of issuance, revocation, and renewal of certificates (Internal & external).Access control to certificate templates.Manage Certificate Features & Policies, document Key & Certificate Management Policies and updated periodically.Co-ordinate with the infrastructure/ application team to get the required certificate request file.Support Alert management (Alerts through enterprise monitoring)Capacity management along with Engineering, enhancements & upgradesSupport provisioning, de-provisioning, access validation, authentication, and troubleshootingProvide support for IAM operational incidents and request.Workflow, Policies, and rule creationTroubleshooting rules and workflow failure issuesPatching support for CIAM toolService restart for CIAM toolInvestigate queries related to CIAM platform.Realtime monitoring of CIAM tool.Alert management (Alerts through enterprise monitoring) for CIAM tool.
Behavioral Skills:6+ years of professional experience working with Public Key Infrastructure & Identity Management solution.Effective interpersonal, team building and communication skills.You have a clear understanding of Certificate Lifecycle Management and Identity Lifecycle Management (provisioning, de-provisioning, authentication)You have a clear understanding of Identity Governance and Administration (IGA) with regards to access requests, integrations, provisioning, entitlements, and reportingYou possess strong analytical and problem-solving skills and demonstrable ability to work independently as well as in a team environment.Excellent verbal and written user documentation skillsAbility to communicate complex technology to no tech audience in simple and precise manner.Ability to collaborate; be able to communicate clearly and concisely both to laypeople and peers, be able to follow instructions, make a team stronger for your presence and not weaker.Ability to see the bigger picture and differing perspectives; to compromise, to balance competing priorities, and to prioritize the user.Desire for continuous improvement, of the worthy sort; always be learning and seeking improvement, avoid change aversion and excessive conservatism, equally avoid harmful perfectionism, "not-invented-here" syndrome and damaging pursuit of the bleeding edge for its own sake.Learn things quickly, while working outside the area of expertise.Analyze a problem and realize exactly what all will be affected by even the smallest of change you make in your design.Ability to communicate complex technology to no tech audience in simple and precise manner.
Certification: (Optional):Venafi Security Administrator (VSA)ForgeRock Certified Identity Management SpecialistForgeRock Certified Access Management Specialist
Note: Team is looking for candidates with strong hands-on experience on below skills. Need profiles urgently. Please call me if you have any questions.
PKI as primary skill. IAM is SecondaryWhat is PKI?What are the components?How the certificate works?What is IAM?What is lifecycle of IAM?
Who are we looking for?Senior PKI and CIAM Engineer specialized in Certificate management - Entrust, Venafi, Microsoft & Google; CIAM - ForgeRock, Jenkins, Looker, Tableau.
PKI:Experienced in both internal and external certificate management processes.Experience with Microsoft certificate authorityExperience in enterprise Key Management, distribution, and administrationGood understanding of PKI architecture, including policies, standards, strategies, automation, and governanceCustomer focus for supporting hundreds of USPS/ ISPA applications / services using thousands of certificates.Strong understanding of AD and exchangeKnowledge on PKI/ Hardware Security Modules/ KMIP/ Certificate Management/ CryptographyExperience with ServiceNow Change/Incident/Problem managementStrong communication skills in dealing with IT developers and system administrators.Basic knowledge of IT security principles, HIPAA, SOX, and PCI regulationsComputer security, specifically in Windows/ LINUX OS environment.
Technical Skills:Familiarity with leading IAM concepts such as Least Privilege, Privileged Access, Roles and Data mining, Segregation of Experience in Identity and Access management in ForgeRock (OpenAM, OpenDJ, OpenIDM, OpenIG and their extensions with custom Java code Java development)Engineering , enhancements & upgradesExperience in SAML, OAuth, Open ID Connect protocols.Experience in creating Looker, Tableau DashboardsExperience in JenkinsImplement authentication and authorization flows through Identity and Access Management SystemsBuild API(s) which can be consumed through omni channel interfaces like Traditional Web Apps, Single Page Application Frameworks, Mobile, B2B systems, etc.
Process Skills:Performing daily health checks of the Active Directory Certificate Services(ADCS) Server and Services to analyze potential alerts, warning and risk to infrastructure.Maintain Certificate Inventory, management of issuance, revocation, and renewal of certificates (Internal & external).Access control to certificate templates.Manage Certificate Features & Policies, document Key & Certificate Management Policies and updated periodically.Co-ordinate with the infrastructure/ application team to get the required certificate request file.Support Alert management (Alerts through enterprise monitoring)Capacity management along with Engineering, enhancements & upgradesSupport provisioning, de-provisioning, access validation, authentication, and troubleshootingProvide support for IAM operational incidents and request.Workflow, Policies, and rule creationTroubleshooting rules and workflow failure issuesPatching support for CIAM toolService restart for CIAM toolInvestigate queries related to CIAM platform.Realtime monitoring of CIAM tool.Alert management (Alerts through enterprise monitoring) for CIAM tool.
Behavioral Skills:6+ years of professional experience working with Public Key Infrastructure & Identity Management solution.Effective interpersonal, team building and communication skills.You have a clear understanding of Certificate Lifecycle Management and Identity Lifecycle Management (provisioning, de-provisioning, authentication)You have a clear understanding of Identity Governance and Administration (IGA) with regards to access requests, integrations, provisioning, entitlements, and reportingYou possess strong analytical and problem-solving skills and demonstrable ability to work independently as well as in a team environment.Excellent verbal and written user documentation skillsAbility to communicate complex technology to no tech audience in simple and precise manner.Ability to collaborate; be able to communicate clearly and concisely both to laypeople and peers, be able to follow instructions, make a team stronger for your presence and not weaker.Ability to see the bigger picture and differing perspectives; to compromise, to balance competing priorities, and to prioritize the user.Desire for continuous improvement, of the worthy sort; always be learning and seeking improvement, avoid change aversion and excessive conservatism, equally avoid harmful perfectionism, "not-invented-here" syndrome and damaging pursuit of the bleeding edge for its own sake.Learn things quickly, while working outside the area of expertise.Analyze a problem and realize exactly what all will be affected by even the smallest of change you make in your design.Ability to communicate complex technology to no tech audience in simple and precise manner.
Certification: (Optional):Venafi Security Administrator (VSA)ForgeRock Certified Identity Management SpecialistForgeRock Certified Access Management Specialist