Consultant - IAM Engineer
We are looking for an Identity and Access Management professional to help migrate from our current CA SiteMinder/IdentityMinder implementations to a cloud-based IDaaS solution, and to work on various new and ongoing development/enhancement and application onboarding projects. Reporting to the Senior Manager – IAM Security Engineering, this individual will help ensure that we drive the right IAM solution for Staples’ applications enterprise-wide.
- Responsible for the installation and administration of CA IdentityMinder or cloud-based Identity Management product for enterprise-wide global User Lifecycle Management.
- Design and develop provisioning and de-provisioning processes/workflows for accounts across various internal and external systems.
- Configure and develop adapters and connectors with various systems and databases for account provisioning, de-provisioning and updates to user accounts.
- Work with various business and application teams on User Lifecycle Management provisioning requirements.
- Manage middleware components for Identity Management.
- Manage existing IAM infrastructure and provide Level 2/3 support.
- Work with help desk and other teams to troubleshoot and resolve/fix issues and bugs.
- Work with Security and Compliance teams to provide auditing and reporting facilities and processes.
- Work with Operations team to deploy and integrate new technologies into current environments. Work with Enterprise Architecture and Business teams to identify new areas where IAM can be utilized and enhance IAM capabilities to address new business needs.
- This role is for a core Identity Management developer with middleware experience.
· Requires a Bachelor's degree (or foreign equivalent) in Computer Science, Computer Applications, or a directly related field plus five (5) years of experience establishing and implementing Identity Management functionalities.
· Five (5) years of demonstrated experience with the administration, installation, and troubleshooting in an enterprise IAM environment
· Five (5) years of LDAP experience, including experience in LDAP table schema
· Three (3) years of experience with object-oriented programming concepts and languages including Java and J2EE
· Three (3) years of Linux scripting experience
· Three (3) years of experience integrating legacy systems
· High level of expertise in multiple system environments. In-depth knowledge of more specific platforms and the technology to support them.
· Hands-on experience in 5 or more of the following: CA IdentityMinder, ForgeRock Identity Manager, Sun Identity Manager (Oracle Waveset 8.x) or similar tools (Oracle IDM, IBM TIM, SailPoint) and/or CA SiteMinder or similar solutions (Sun OpenSSO, ForgeRock OpenAM, Oracle Access Manager, IBM TAM). LDAP, SAML 2.0, Federation technologies, Kerberos, Active Directory, Exchange, J2EE, Java, JMS, JCA, XML, SOAP, OAuth, JWT, Oracle DB and WebSphere technology stack.
· Hands-on experience with at least one Directory Server/LDAP technology such as ODSEE, IBM TDS, OpenLDAP, OID, CA Directory Server, OUD, OpenDS.
· Scripting and programming skills, shell/Perl, interfacing to LDAP using APIs.
· Hands-on experience in design, installation, configuration, and maintenance of the CA SiteMinder application and infrastructure, including Policy Server and agent install/config, setting up policies, etc.
· Experienced in deploying SSO integration with CA IdentityMinder for password management utilities, and SaaS/Federated integrations
· Experience in developing and implementing access request forms/workflows and provisioning/de-provisioning of user access. Customization of product functionality to meet business requirements. CA IdentityMinder, ForgeRock Identity Manager preferred.
· Knowledge of web technologies like WebSphere, JBoss, Tomcat, IHS, IIS. Strong skills in J2EE and JAAS
· Experience with Oracle, SQL Server and/or other relational databases
· Experience managing complex directory service environments on a global scale. Ability to work with globally distributed and cross-functional teams.
· Unix/Linux experience on physical or virtual systems
· Experience working in PCI/SOX controlled environments
· Use of ITIL methodologies for path-to-production
· Ability to troubleshoot and resolve issues quickly, identifying the best option in an emergency situation
· Project leadership ability including mapping out technical and business dependencies, milestones and timelines. QA/test experience is a plus.
· Ability to work with geographically disparate teams and interact with technical and business personnel across the global enterprise
· Demonstrated experience with all phases of the system development lifecycle at an enterprise level