Active Directory engineer (IAM) - Security (Onsite)

Job Title : Active Directory engineer (IAM) - Security (Onsite)

Location : Washington, DC

Duration : 12 Months+

Job Description :

Messaging and Directory Services Subject Matter Expert (SME) position requires in-depth knowledge of Microsoft-based infrastructure design and development, messaging and directory services best-practices and advanced knowledge of systems engineering, operations and management.

The consultant should have architect level experience planning, documenting, installing, managing, monitoring, and troubleshooting high-availability Exchange Server 2013, 2016, and 2019 environments.

Active Directory for Windows Server 2012 / 2016 / 2019, a wide range of wireless messaging technologies and advanced knowledge of messaging security and hygiene. O365 and Azure AD.

Skills with Azure AD and cloud authentication

• Single sign-on and federation solutions including operations and implementation knowledge of products (such as Azure AD, MFA, SecureAuth, OKTA)
• Privilege accounts lifecycle management solutions including operations and implementation knowledge of products
• Azure AD Identity & Access management skills such as (permission sets, policies, and roles management); proficient in providing guidance on least privilege to business partners
• Manage Identity Governance and Administration (IGA) provisioning tools
• Assist with maintaining M365 accounts, permissions, and applications
• Maintain Single Sign-on (SSO) and multi-factor authentication (MFA) solutions.
• Integration with user directories (including Active Directory, LDAP, Azure, etc.)
• Installation of new software releases and system upgrades
• Evaluate and install patches; resolve software related problems
• Provide technical support by utilizing working knowledge of IAM systems, browsers, etc.
• Assist with integration, implementation, and administration of systems
• Familiarity with software development lifecycle (SDLC)
• Hands-on development / coding
• Integrating on-premise applications with a SSO solution and multiple IdPs using SAML
• Utilize IAM (Identity and Access Management) programs to enable government clients to protect against digital identity risks.
• Provide appropriate access to applications, systems, and data with advanced authentication.
• Oversee the spread of information with privileged access management.
• Verify identity utilizing a wide range of IAM solutions and advanced authentication methods.

Responsibilities :

• Expertise in implementing, administrating and operating information security technologies such as firewalls, IDS / IPS, SIEM, Antivirus, network traffic analyzers and malware analysis tools.
• Utilizes advanced experience with scripting and tool automation such as Perl, PowerShell, Regex.
• Develops, leads, and executes information security incident response plans.
• Develops standard and complex IT solutions & services, driven by business requirements and industry standards.
• May also leverage dynamic and static code assessment tools to measure vulnerability of applications throughout the SDLC.

Skills :

Skills Required / Desired Amount of Experience Prior experience as technical support to security technologies for implementation, evolution and operations of the authentication infrastructureRequired6YearsExperience with Secure Authentication Systems, deployment and operationRequired6YearsExperience with Managed Public Key Infrastructure (PKI) Solution, deployment and operation is a MUSTRequired6YearsPowerShell scriptingRequired6YearsExperience with strong authentication technologies and protocolsRequired6YearsExpert knowledge of O365Required5YearsExperience troubleshooting and resolving AD issuesRequired6YearsPrior hands on experience with SSLRequired6YearsExperience with Active DirectoryRequired6YearsExperience with LDAP is a MUSTRequired6YearsExperience with RadiusRequired6YearsExperience with NTLM, Kerberos authentication is a MUSTRequired6YearsExperience with SAML, ADAL, WS-TRUST is a MUSTRequired5YearsExperience / familiarity with one or more of these technologies : RSA Secure ID, Cisco ACS, SecureAuth, ADFS, OneLogin, Okta is a MUSTRequired6Years6-10 yrs leading projects, ensuring they are in compliance with established standards / proceduresRequired6YearsBachelor's degree in IT or related field or equivalent experienceDesired