Authentication Access Management Architect

Job title: Authentication & Access Management Sr. Engineer/Architect
Location: Fully Remote (EST or CST time)
Longterm Contract

Must Haves:
10 years of experience
IAM Experience
IAM product experience
LDAP & active directory integration experience

Authentication & Access Management Sr. Engineer/Architect
The identity & Access Management (IAM) team is looking for an Authentication & Access Management Sr. Engineer/Architect to implement the nextgeneration Identity solution for enterprise users.

Technical requirements:

1. Overall 10 years of handson working experience in the Identity and Access Management area at the enterprise level.

2. The person must be able to understand and gather business requirements translate them to technical requirements and design the solution to meet the tactical and strategic approaches.

3. The person must be able to produce architectural patterns and solution design documents.

4. A handson technical experience is required to conduct the POC and solution design in a development environment.

5. Must have the ability to lead the discussion with various folks including business engineering and operation teams.

6. The person must be an expert in Authentication & Access Management area and related technology.

Authentication space (7 years):
Multifactor authentication (MFA) including password less MFA
Security knowledge of various technology & protocols FIDO PKI Mobile MFA OTP FIDO key Biometric authentication behavior & riskbased authentication
Implementation experience with web device (laptop etc.) infrastructure and API authentication use cases.
Mobile security knowledge is a plus.

Access Management space (7 years):
Identity Federation & Single SignOn (SSO)
Expert knowledge of implementing SAML OpenID Connect (OIDC) and OAuth 2.0
Security knowledge about session management
Identity gateway (proxy) and similar implementation knowledge
Continuous access control
Integration with cloud and onpremises systems including Azure AD GCP Salesforce etc.

7. Should have REST API and JSON working experience.

8. Must have LDAP and Active Directory integration experience.

9. Should have some development experience in building POC and prototypes.

10. Working knowledge of some of the IAM products is required.
PingIdentity Okta HYPR Axiad ForgeRock SiteMinder TransmitSecurity Azure AD etc.
Centrify/Delinea BeyondTrust CyberARK etc.

11. Azure and GCP cloud experience are a plus.

12. Zero trust implementation experience is a big plus.

Preferred:

1. The expertise in Privileged Access Management area

a. Privileged Access Management for admin and privileged accounts

b. Just in time and time based access control

c. Access control solution for Linux Windows servers Kubernetes/docker databases Clouds and other PAM use cases.

2. CISSP certification

3. Development experience in any of the technologies Java Powershell etc.