Identity and Access Management Systems Engineer

Identity and Access Management Systems Engineer 

 Gray Tier is seeking an Identity and Access Management Systems Engineer to be responsible for the upkeep, configuration, and reliable operation of computer systems in support of the Compartmented Enterprise Services Office (CESO) NOC. The Identity and Access Management Systems Engineer will contribute to the deployment and maintenance of an IdAM solution to serve as a comprehensive Identity as a Service (IDaaS) platform for CESO. 

With the CESO program, the Defense Information System Agency (DISA) is looking to transform the existing Secure Web Services (SWS) environment, which provides secure information sharing to the community, into a more mature service offering to meet the DoD and intelligence communities. As part of this mission, our team will manage the commercial cloud migration and disestablishment of legacy systems, fully automate the continuous development & continuous integration environment, fourth estate consolidation, professionalize services – ITIL/DevSecOps based processes, improve the customer experience 1st call resolution, and achieve development of a service catalog for Defense Working Capital Fund (DWCF) Model. 

Primary Responsibilities 

• Design, develop and maintain a comprehensive IDaaS solution based on the Okta (identity and access management) platform. 
• Have experience in identity access management and governance, to include single sign on, identity federation, enterprise directory architecture and design, and resource provisioning; Okta preferred. 
• Demonstrate advanced understanding of business processes, internal control risk management, IT controls and related standards 
• Identify and evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement 
• Understand complex business and information technology management processes 
• Responsible for installing, integrating and deploying Okta products in client environments. 
• Communicate to clients and partners aspects of both the product and the implementation at the technical and functional level appropriate for the situation. 
• Work with the Identity Access Management team to continue making enhancements to the Identity Access Management program. 
• Work closely with development teams to perform User management, group management and Password management requests. 
• Create and maintain Identify Access Management metrics. 
• Document various system access for all Users to store in a centralized repository (CMBD) 
• Support efforts regarding audit findings, adherence to compliance and organizational change. 
• Responsible for working to resolve Okta system issues escalated within the service level agreement. 
• Ability to create, and modify CONOPS, and Standard Operating Procedure documents 

Basic Qualifications 

• BS in computer science or IT and 8+ years of experience. Additional experience may be considered in lieu of a degree. 
• IAT Level II Baseline Certification (e.g. CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP) 
• Knowledge of Identity and Access Management platforms 
• Excellent written and oral communication skills 
• Ability to work effectively with both technical and non-technical audiences 
• Demonstrated ability to work in a complex, fast paced environment 
• Must possess an Active TS/SCI clearance and ability to obtain and maintain CI Poly 

Preferred Qualifications 

• Prior experience with DISA and DISA’s support to mission partners 
• Experience with: Active Directory, Identity lifecycle, Oracle Identity Manager or other IDM platform, Federation protocols (SAML, OAUTH, OpenID) and zero trust principle