Job Title: Security Engineer – Identity and Access Management (IDAM)
Job Description
· We are seeking a Security Engineer with approximately 6-10 years of experience who has hands-on experience with Identity and Access Management platforms, having developed, implemented and managed at least 2-5 projects.
· The Engineer should be well versed in core IAM development and have knowledge of the design, installation, configuration and administration of the following domains: Identity Management, Access Management, Privileged Access Management, Two-Factor Authentication and Password-less security solutions.
· This role will focus on the systems, tools and scripts associated with system access, analysis and maintenance of directory attributes, application integration with PIM and the continuous improvement of our privileged access management platform.
· To effectively manage the enterprise IDAM platform, this Engineer will be heavily involved with research and development, engineering, integration and the technical support required to enhance our existing solutions and meet future access management needs both on premises and in the cloud.
· SailPoint development experience is a must.
Responsibilities
· Must have good hands-on experience in developing IAM solutions using SailPoint IIQ and SIQ (File Access Manager).
· Must have at least 5 years of core development experience in SailPoint IIQ and should be able to build a custom connector on their own.
· Must have experience in defining application on-boarding, custom rules, JML workflows, creating custom workflows, provisioning plans, custom email templates, Access Certifications, LCM, custom connectors, etc.
· Must be expert in Java/J2EE, REST API web services, HTML, JavaScript, BeanShell coding, SailPoint IIQ REST APIs and database stored procedures.
· Experience in integrating with JDBC, Active Directory, Exchange, JIRA, Azure AD and Red Hat IDM, and end-to-end experience of building custom connectors, is a must.
· Drive continuous improvement of workflows, technical scripts, policies, procedures and technology related to Identity and Access Management to enable risk reduction, business enablement and operational efficiencies.
· Participate in the design, installation, integration, deployment and administration of the following IAM products (SailPoint IIQ, File Access Manager, any one product among Oracle Access Manager/ForgeRock/Ping/Okta, any one product among CyberArk/BeyondTrust/Thycotic).
· Work with stakeholders to gather requirements needed for systems and application integrations.
· Orchestrate security and identity access management efforts between IT operations and business support groups.
· Design, development, configuration and administration experience in the security domains below would be an advantage:
    o Identity Management
    o Access Governance
    o Access Management
    o Two-Factor Authentication and Password-less Authentication
    o Privileged Access Management
    o Microsoft or Red Hat IDM Directory Services
    o Single Sign-On and Federated Identity Management
· Perform other related duties as assigned.
Qualifications
· We are seeking a Security Engineer with approximately 6-10 years of experience who has hands-on experience with Identity and Access Management platforms, having developed, implemented and managed them for at least 2-5 projects.
· BE/B.Tech degree in either Computer Science or MIS (or equivalent) preferred.
· Experience in documenting, designing, developing and implementing Identity & Access Management (IAM) systems, with Privileged Identity Management familiarity.
· SailPoint development experience is a must.
· Experience with SailPoint IIQ, SailPoint SIQ (File Access Manager), Oracle Access Manager, CyberArk, BeyondTrust, Thycotic and Double Octopus would be preferred.
· Technical experience working with Active Directory, including a basic understanding of users/groups in the AD schema, PowerShell scripts, GPOs, password policies and dormant/service account management.
· Have a strong understanding of federated identity and web services security concepts such as SAML and WS-Federation; on-boarding and off-boarding; privilege accumulation; role-based access control (RBAC); and Authentication, Authorization, and Accounting (AAA).
· Exposure to and understanding of:
    o At least two scripting languages
    o Cloud & Mobile SSO
    o Virtual Directory
    o OAuth, OpenID Connect
    o JSON, REST, SOAP