|
Description of Work:
IAM Architect will be responsible for customer Identity and Access Management ecosystem, driving the IAM program to modernize application authentication, authorization and security capabilities. This role will drive customer IAM security policies, ensuring application secure by design standards are met by agency’s business units. The Identity and Access Management Security Architect will serve as the lead IAM technical point of contact for the Customer Identity and Access Management program, responsible for developing customer facing IAM application standards, including authentication and authorization mechanisms. The successful candidate will possess excellent interpersonal and communication skills required to partner with other leaders across the business to identify opportunities and risks and develop and deliver solutions that support business strategies and protect agency’s sensitive information and intellectual property globally.
Key Responsibilities
- Develops CIAM applications architecture solutions to business problems in alignment with the enterprise architecture direction and standards
- Deliver, oversee, document, and enforce CIAM architecture across multiple diverse business domains and application architectures
- Create the technical approach for the shared operational capabilities of customer identity and access management, including customer registration, self-service, authentication, authorization, administration, audit, and reporting
- Partner alongside application architects to design and develop CIAM solutions for API driven cloud and cloud/hybrid-based applications.
- Work closely with development teams to design and build API integrations authenticated by the identity management platform
- Works with Cloud and Enterprise Architecture, Infrastructure Services, and Development teams to choose appropriate technology solutions and facilitates complete integration into the company environments.
|
|
Basic Qualifications:
Minimum knowledge, skills, abilities needed.
- Bachelor's degree and 7 Years of work experience OR Master's degree and 5 Years of work experience OR a minimum 11 years of work experience in lieu of a degree
- 3-5 years’ experience with Identity and Access Management concepts such as authentication, authorization, application security, privacy and consent management, regulatory compliance, multi-factor authentication, federation, and risk management
- 3-5 years deep knowledge of IAM standards, restful API design, tokens, session management and profiles
- 3-5 years’ experience with identity lifecycle management and federation technologies such as SAML, OAUTH, OpenID Connect
- 3-5 years of proven success with designing IAM architecture frameworks using customer identity and access management platforms such as Okta, Ping Identity or similar
- 3-5 years of strong development and application security background
- Must be able to obtain and maintain a US Public Trust clearance
|
|
Preferred Qualifications:
Candidates with these skills will be given preferential consideration.
- 3-5 years of experience with IAM Security Architecture and/or Engineering.
- 2 years of experience with Cloud platforms such as GCP, Amazon Web Services (AWS), or Azure.
- Experience with practices governing definition and design of Services, Microservices and RESTful APIs.
- Establishes and drives the technical approach for the shared operational capabilities of customer identity and access management, including customer registration, self-service, authentication, authorization, administration, audit and reporting.
- Experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes (secure software development (Application Security), data protection, cryptography, key management, identity and access management (IAM), network security) within SaaS, IaaS, PaaS, and other cloud environments.
- Experience performing threat modeling and design reviews to assess security implications and requirements for introduction of new technologies.
- Experience representing technical viewpoints to diverse audiences and in making timely and prudent technical risk decision recommendations.
- Experience with enterprise architecture and working as part of a cross-functional team to implement solutions.
- Ability to work independently with minimal direction; must be a self-starter and be self-motivated.
- Two or more security certifications preferred - CISSP, CISM, CISA, SANS GIAC, CGEIT, CRISC, GSEC, ITL, etc.
#LI-DNI
|
