Senior Engineer - Identity and Access Management
Company
Federal Reserve Bank of Boston
As an employee of the Boston Fed, you will work to promote sound growth and financial stability in New England and the nation. You will contribute to communities, the region, and the nation by conducting economic research, participating in monetary policy-making, supervising certain financial institutions, providing financial services and payments, playing a leadership role in the payments industry, and supporting economic well-being in communities through a variety of efforts. The Boston Fed is one of 12 Reserve Banks and we serve all or parts of Connecticut, Maine, Massachusetts, New Hampshire, Rhode Island, and Vermont. Our mission is accomplished through our Bank's values: diversity, equity and inclusion, innovation, integrity, and leadership.
A requirement of this position is that the employee must be fully vaccinated against COVID-19 or qualify for an accommodation from the Bank's vaccination policy; individuals who are unable to be vaccinated due to a medical condition or sincerely held religious belief may request an accommodation from the Bank.
Who We Are:
As a member of the Directory Services team, you will work in a highly collaborative, knowledge-sharing group to engineer and integrate Directory Services solutions and technologies that protect and advance the Federal Reserve's financial services. We are highly interested in your Cloud experience to fuel our Cloud journey. Our work affords opportunities to flex and grow your technical and non-technical talents, in cross functional teams to modernize Identity and Access Management capabilities. With a solid foundation in Directory Services, Identity and Access Management and security, and your added Cloud journey experience, you can help move the Fed forward.
Job Responsibilities:
• Provide engineering expertise to design, integrate and/or deploy directory services and IAM solutions, with a focus on technologies such as Active Directory, virtual directory and identity orchestration, IDaaS, and Federation technologies, while in compliance with service level agreements, Federal Reserve System standards, and security and technology industry best practices.
• Plan, release and operationalize new tools or technologies to enhance directory services and IAM capabilities for on-premise and Cloud workloads. This entails requirements validation, research, design, installation, configuration, security hardening, risk assessment, documentation, testing, automation, troubleshooting and knowledge transfer.
• Participate in architecture or design reviews as directory services/IAM subject matter expert; provide input to design where needed and help plan execution of designs to transition work into implementation phase.
• Provide customer-centric consulting support to FRS business lines and IT partners to evaluate, recommend, design and/or implement technical solutions and process improvements in areas related to Identity and Access Management.
• Communicate and work directly with customers, stakeholders, subject matter experts and colleagues across the Federal Reserve System on projects, complex issues and events; present solutions to business and technical audiences.
• Automate and orchestrate engineering and operational tasks through use of tools and scripting.
• Provide technical expertise on deployment and operational issues.
• Occasional after hours and weekend work will be required in order to perform tasks and maintenance that cannot be done during business hours
• Participate in an on call rotation
Other Accountabilities:
• Perform other duties as assigned.
Supervision:
• This position is not required to directly supervise others.
Minimum Qualifications:
• Knowledge and experience normally acquired through, or equivalent to, the completion of a Bachelor's degree plus minimum of 3-5 years job related experience
• Individual must be proficient in deploying and/or operating IAM and directory technologies/solutions such as IDaaS, Active Directory, LDAP, Virtual Directory and Identity Synchronization technologies, Federation/Security Token Services
• Experience integrating with, deploying, or supporting IAM cloud-based services (i.e. IDaaS, Azure AD, AWS IAM services, etc.)
• Experience with supporting SaaS and/or IaaS applications/workloads
• Proficiency with modern scripting languages and/or orchestration tools
• Working knowledge of authentication industry standards and protocols (SAML, OAuth, Kerberos, Open ID Connect, etc.)
• Experience with enterprise hosting environments including Unix or Windows operating systems, networking (i.e. load balancing, DNS, firewalls, etc.) and relational databases (e.g. SQL)
• Ability to work with little supervision and manage multiple complex tasks/assignments
• Strong analytical and problem-solving skills
• Eagerness to learn with an ability to pick up new things quickly
• Strong communication and customer service skills
Preferred Qualifications:
• Knowledge or experience with technologies such as PKI, identity governance/lifecycle management, access management, access reporting, data access governance, API gateway.
• Knowledge or experience with Infrastructure as Code
• Knowledge or experience with agile methodologies.
• Knowledge or experience with REST APIs.
• Knowledge of compliance and risk management standards and frameworks (e.g. NIST, DISA, FEDRamp etc.)
• Cloud, Security or Information Technology Certifications (e.g.: CISSP/CCSP, AWS, Microsoft, etc.)
The Federal Reserve Bank of Boston is committed to a diverse and inclusive workplace and to provide equal employment opportunities to all persons without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, age, genetic information, disability, or military service.
All employees assigned to this position will be subject to FBI fingerprint/ criminal background and Patriot Act/ Office of Foreign Assets Control (OFAC) watch list checks at least once every five years.
The above statements are intended to describe the general nature, level of work and the requirements of this position. They are not intended to be an exhaustive list of all duties and responsibilities associated with this position or the personnel so classified. While this job description is intended to be an accurate reflection of this position, management reserves the right to revise this or any job description at its discretion at any time.
For this job, any offer of employment is contingent upon successfully passing a two-phase security screening. The first phase consists of the satisfactory completion of a physical examination (including a drug screening), reference checks, and a security investigation consisting of credit and criminal history checks. The second phase, which might not be complete until after you begin working at the Reserve Bank, is an additional risk-based security screening determined by the risk rating of the position. Depending upon the sensitivity of the position, this phase may include, and is not limited to, citizenship status verification, and personal interviews with the candidate, references, and prior employers.
All candidates must be a U.S. citizen.
Full Time / Part Time
Full time
Regular / Temporary
Regular
Job Exempt (Yes / No)
Yes
Job Category
Work Shift
First (United States of America)
The Federal Reserve Banks believe that diversity and inclusion among our employees is critical to our success as an organization, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool. The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.
Privacy Notice