ForgeRock Identity and Access Management Engineer

*We are unable to sponsor for this permanent Full time role*

*Position is bonus eligible*

Prestigious Financial Institution is currently seeking a Senior Identity and Access Management Engineer with strong ForgeRock experience. Candidate will be responsible for access control and all associated programs. Applications supporting these programs include ForgeRock, SailPoint and Duo. This position has an emphasis on integrating internal applications with ForgeRock Identity suite using OAuth methodologies and custom scopes, coordinating directly with application development teams and enterprise architecture. Team Members collaborate daily for IAM System design and implementation, as well as assist with operational and customer support of the workforce in Identity and Access related functions. Team members assist with evaluating and supplementing our compliance readiness posture, assisting with the evaluation of control execution, process efficiency, and evidence gathering for internal and external auditors.

• To perform this job successfully, an individual must be able to perform each primary duty satisfactorily.
• Administration and configuration of our IAM products and processes with an emphasis on ForgeRock Identity products.
• Developing custom integration, workflows and rules between tools using Agile methodologies.
• Planning, implementation, enforcement and review of security policies, procedures, and controls specific to Identity Access Management.
• Processing access requests and issue tickets for internal and external customers.
• Leading troubleshooting and resolution of system issues that might contribute to enterprise Production problems.
• Managing project work through all phases (design, build, test, cutover).
• Report on controls, evidence gathering and control execution.
• Work collaboratively across IT and Business departments to implement technical solutions.
• Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control.
• Research, recommend, and implement changes to procedures and systems to enhance systems security.
• Assist in communicating security policies and procedures to users.
• Assist internal and external customers with multi–platform security access issues and requests.
• Assist in identifying or developing tools or methods to track and monitor risk.
• Support management with special projects and other duties as assigned.

• The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions.
• Microsoft Active Directory and LDAP.
• Experience working in and developing solutions for a highly regulated environment or organization that leverages a security framework (such as NIST, COBIT, etc).
• Experience supporting the ForgeRock Identity Platform including Identity Gateway, Access Manager, and Directory Server.
• Experience with Multi–Factor authentication protocols and systems (Entrust, Duo, or similar).
• Experience with Single–Sign on protocols (OIDC, OAuth2.0, SAML, SWA, etc) and systems (Okta, Ping, Siteminder, or similar).
• Development experience: Java, Javascript, Groovy.
• Development experience: Python and Shell Scripting.
• Solid understanding of Encryption and Network protocols (SSL, IPV4, HTTP).
• Basic knowledge of Linux operating system administration.
• Basic knowledge of Windows server and desktop operating systems.
• Basic knowledge of Amazon Web Services (AWS).
• Basic knowledge of Controls, Risk Ranking/mapping, Remediation items and general IT audit.
• Preferred (nice to have):
• Sailpoint Identity IQ administration or experience.
• E–GRC/Archer.
• ServiceNow.
• Mainframe architecture.
• CA–ACF2 Mainframe access control facilities.
• Directory services, LDAP, and their inherent security (Active Directory, CA Directory).
• Bachelors degree in Computer Science, Engineering, or other related field, or equivalent experience.
• 7+ Years Identity Access Management (IAM) experience preferred.
• Hands–on IT or security operations experience.
• Industry recognized certifications (CISSP, ITIL, etc).