Current Job Openings

NYC Cyber Command Identity Management Engineer: 255 Greenwich Street, 9th floor, New York, NY 10007

Due Date:
Monday, August 19, 2019 4:00 PM

Job Title:
NYC Cyber Command Identity Management Engineer

Location:
255 Greenwich Street, 9th floor, New York, NY 10007

Scheduled Work Hours:
Full Time - 9 to 5 - 35hrs/wk

Service Scope:
This is a two-year engagement for a senior Identity & Access Management Engineer to provide subject matter expertise for comprehensive Privileged Access Management (PAM) and Multi-Factor Authentication (MFA) deployments in a large, distributed environment. The candidate will work closely with business, technical and application stakeholders to achieve project objectives, from onboarding new organizations to full production deployment for both workstreams.
The scope of services includes:
1. Deploying a PAM solution to thousands of Windows and Linux servers
2. Deploying an MFA solution to thousands of remote access and cloud-based email users
3. Installing session monitoring software on thousands of Windows and Linux servers
4. Integrating high assurance level for on premise, commercial off the shelf, and cloud-based appli-cations with MFA
5. Collaborating with Identity Management, Windows and Linux teams on updating AD roles and GPOs for privileged accounts
6. Collaborating with enterprise email and remote access team on updating configurations neces-sary to implement MFA
7. Working with Infrastructure Management teams to ensure the introduction of the PAM and MFA solutions do not impact production environments; documenting and completing test cycles
8. Collaborating with Cybersecurity and Identity Management teams to develop processes and track actions, and mitigate unauthorized activity of privileged accounts
9. Coordinating Change Control activities for application and server software installations
10. Documenting server installations and processes
11. Documenting gaps in Access Management processes and recommending controls to resolve the gaps
12. Assisting with troubleshooting service disruptions.

Mandatory Skills:
Note: candidates who do not have the mandatory skills will not be considered.
1. Minimum twelve (12) years of experience providing specialized knowledge of complex customer
processes and requirements; applying technical expertise in defining, analyzing, validating, and
documenting complex operation environments, states of technology and current engineering
processes; conducting complex technical investigations through advanced research techniques,
analysis or development phases of engineering projects.
2. Understanding privileged account lifecycle management.
3. Strong Active Directory skills including multi-factor, multi-domain, and multi-tenant environ-
ments; domain trust relationships, organizational units, rights inheritance, DNS and GPOs; group
assignments and role delegations.

Desired Skills:
1. Experience deploying PAM solutions in a large, distributed environment or a service provider environment
2. Experience working with PAM systems such as Centrify
3. Experience working with MFA solutions such as Microsoft Azure AD MFA
4. Experience with MFA protocols and techniques with any of the major vendor products
5. Solid understanding of how Role Based Access Control (RBAC) works in large, distributed en-vironments
6. Hands on experience integrating security and event logs into SIEM platforms
7. In depth knowledge of authentication methods/protocols including LDAP, federation and SAML
8. Experience working with Microfocus Enterprise Directory

9. Good understanding of NIST framework as it relates to Identity & Access Management

10. Good understanding of Cloud architecture

11. Linux experience in a complex enterprise environment with understanding of Kerberos and PAM authentication protocols

12. Linux experience with account and group management

13. Good understanding of OAuth, Smartcards and MFA keys

14. Good understanding of how strong authentication integrates with applications residing on Windows, Linux and Cloud platforms.

Apply for this job

« Back to Current Job Openings