Identity and Access Management Engineer




The ideal candidate should have at least 5 years of experience with Identity and Access management solutions on the Microsoft platform, to include Forefront Identity Manager, Azure Active Directory, and Active Directory Federation Services (ADFS). Successful candidates must be proficient with claims-based access, certificate management, PKI, non-Microsoft directory sync. Experience with 3rd party Identity solutions is a plus. The candidate should possess a solid working knowledge of Microsoft on-premises platforms including Windows Server 2012R2 Operating Systems and Active Directory. Advanced domain knowledge in one or more vertical industries is also an asset.

Expert level knowledge is required in assisting customers in envisioning, designing, planning, building and deploying (release, maintenance, monitoring) solutions including the following:

  • Demonstrated excellence at presenting complex development topics to both executive and technical personnel.
  • An ability to articulate architectural differences between solution methods and the challenges and approaches to integrating solutions built on different platforms including a working knowledge of different architectural frameworks that may be used by our customers.

Responsibilities include:

  • Performance in multiple areas of identity management (IDM), Active Directory (AD), Active Directory Domain Services (ADDS), Active Directory Federation Services (ADFS), FIM, MIM, ABAC, WAP Identity Module, enterprise security compliance, secure systems configuration, hardening Windows operating systems, secure workstations, secure data management, and secure web technology
  • Deliver technical security configuration architecture expertise in implementing cross-organizational information sharing
  • Develop solutions and recommendations for issues caused by process challenges, emerging threats and technology changes
  • Act as trusted security architecture/engineering advisor to senior leadership with extensive evidence of ability to provide strategic direction in leading activities in support of team and enterprise objectives.
  • Provide professional knowledge and experience of information systems security identity policies and enterprise scale practices.
  • Develop security architectures, and engineering system specifications implementing identity management and security controls in development and operational systems
  • Familiarity with Hyper-v and System Center Virtual Machine manager is a plus
  • Solid understanding of Active Directory (AD) including Multi-Forest, Multi-domain, and Group policy
  • Familiarity with PowerShell is a required
  • Experience with Desired State Configuration is a plus
  • Familiarity with SSRS, SSAS, and System Center 2012 R2 product line is a plus

This position is a challenging role in a multi-contractor team supporting a fast moving program for multiple customers and/or projects. In this role, you will execute tasks and support for the development teams on various projects.

MANDATORY qualifications

  • SCI clearance with current SSBI
  • Bachelor’s degree (or equivalent experience)
  • 5+ years’ experience in hands-on Identity Management positions
  • Experience working on and supporting classified networks
  • Experience working in a team environment on similar tasks

Strongly desired qualifications/skills

  • Azure Active Directory
  • Forefront Identity Manager (FIM)
  • Microsoft BHOLD Suite
  • Active Directory Federation Services (ADFS)
  • Solid knowledge of the design principles for Identity Federation
  • Experience with LDAP directories
  • Understanding of how various application platform architectures use identity – primarily .NET (WIF) and Java
  • Familiarity of industry standard access protocols, such as SAML, XACML, OAuth, WS-Trust, etc
  • High level understanding of the key concepts of web application and web service architecture, including SOAP, XML, and WCF
  • Microsoft PKI
  • Enabling SharePoint federated access scenarios
  • Demonstrated strong consulting skills including leading large, complex projects
  • Large enterprise deployment experience in complex heterogeneous environments
  • Ability to move between high level architectural review/design and the “roll up the sleeves” level of actually doing all phases of a solution delivery project

Bachelor’s or Master’s degree in IA/Cyber Security/Computer Science
Advanced IT certifications–technical certifications such as CISSP, RHCE, CCIE, SANS, etc.

To apply for this job email your details to