Identity, Credential and Access Management Systems Engineer

Tetrad Digital Integrity (TDI) is a leading-edge cybersecurity firm with a mission to safeguard and protect our customers from increasing threats and vulnerabilities in this digital age.

TDI is seeking a TS/SCI cleared Identity, Credential and Access Management Systems Engineer (formerly identity and access management / IdAM) to be responsible for the upkeep, configuration, and reliable operation of computer systems in support of DISA's Compartmented Enterprise Services Office (CESO) NOC.  The Systems Engineer will to contribute to the deployment and maintenance of an ICAM solution to serve as a comprehensive Identity as a Service (IDaaS) platform for CESO.

Our customer is looking to transform the existing Secure Web Services (SWS) environment, which provides secure information sharing to the community, into a more mature service offering to meet the DoD and intelligence communities.  As part of this mission, our team will manage the commercial cloud migration and disestablishment of legacy systems, fully automate the continuous development & continuous integration environment, fourth estate consolidation, professionalize services – ITIL/DevSecOps based processes, improve the customer experience 1st call resolution, and achieve development of a service catalog for Defense Working Capital Fund (DWCF) Model. 

RESPONSIBILITIES:

• Deploy and maintain the ForgeRock IdP (identity and access management platform).

• Implement identity access management and controls, to include single sign on, identity federation, enterprise directory architecture, and resource provisioning.

• Demonstrate advanced understanding of business processes, internal control risk management, IT controls and related standards

• Identify and evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement

• Understand complex business and information technology management processes

• Install, integrate, and deploy ForgeRock products in client environments using

• Communicate to clients and partners aspects of both the product and the implementation at the technical and functional level appropriate for the situation.

• Work with the Identity Access Management team to continue making enhancement to the Identity Access Management program.

• Work closely with development teams to perform user management, group management and password management requests.

• Create and maintain Identify Access Management metrics.

• Document various system access for all Users

• Support efforts regarding audit findings, adherence to compliance and organizational change.

• Responsible for working to resolve ForgeRock system issues escalated within the service level agreement.

• Ability to create, and modify CONOPS, and Standard Operating Procedure documents

QUALIFICATIONS:

• TS/SCI Clearance
• BS in computer science or IT and 8+ years of experience. Add'l experience may be considered in lieu of degree.

• IAT Level II Baseline Certification (e.g. CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP)

• Candidate must possess an Active TS/SCI clearance and ability to obtain and maintain CI Poly

• Experience with federation protocols (SAML, OAUTH, OpenID) and zero trust principles

• Experience with the ForgeRock platform

• Knowledge of Identity and Access Management platforms

• Knowledge of Linux Operating Systems

• Excellent written and oral communication skills

• Ability to work effectively with both technical and non-technical audiences

• Demonstrated ability to work in a complex, fast paced environment

PREFERRED QUALIFICATIONS:

• Prior experience with DISA and DISA’s support to mission partners 

• Experience with: JISG Access Controls, Amazon Web Services, Ansible playbooks

TDI does business with the federal government, which restricts employment to individuals who are either US citizens or lawful permanent residents of the United States.

“TDI is an Equal Opportunity Employer. Employment decisions are made based on individual qualifications, merit, and business needs. We do not discriminate in employment opportunities or practices based on race, color, religion, sex, or national origin, in accordance with applicable federal laws.”