Note: The job is a remote job and is open to candidates in USA. Cadre5 is a company that provides innovative technical solutions and is seeking an Identity and Access Management Engineer for their AmSC initiative. The role involves designing and building an Identity Management platform and federation hub to support collaboration and enhance access to resources across various DOE labs.
Responsibilities
- Contribute to the architecture, development and implementation of an Identity and Access Management platform
- Collaborate with application developers and owners to establish robust integrations
- Plan, execute and document application onboarding of a diverse and growing application set
- Collaborate with IAM personnel from other organizations to design, build and administer a federation hub, allowing users to access resources at any participating facility
- Build out and enable ABAC, RBAC, least privilege access and other common IAM standards
- Deploy, configure and support identity and access management services such as single sign on (SSO), OAuth, MFA, zero trust, etc…
- Lead incident response, providing advanced troubleshooting and building out of monitoring and alerting systems
- Define and implement define KPIs, processes and drive continuous improvement
- Participate in on-call rotation providing 24-hour, 7-day support and off-hours maintenance windows
- Coordinate with vendors to resolve hardware and software problems
- Deliver AmSC’s mission by aligning behaviors, priorities, and interactions with our core values of Impact, Integrity, Teamwork, Safety, and Service. Promote diversity, equity, inclusion, and accessibility by fostering a respectful workplace – in how we treat one another, work together, and measure success
Skills
- Bachelor's Degree in computer science or closely related field and a minimum of 5 years of experience as an Identity and Access Management engineer. An equivalent combination of education and experience may be considered
- The ability to obtain and maintain a Department of Energy 'Q' clearance is required. This requires US Citizenship
- Extensive experience in Identity and Access Management supporting SSO, OAuth, MFA, and API development
- Excellent interpersonal/communication skills, and the ability to work as part of a team
- Proven track record leading and driving the delivery of large, complex IAM projects
- Experience with the Ping suite of IAM products, bonus points for Ping Government Identity Cloud experience
- Extensive experience with web authentication implementation such as SAML, OAuth, API-token, REST, etc
- Experience in directory services and directory structure, specifically using LDAP and/or PingDirectory
- Experience implementing RBAC and ABAC in complex enterprise environments
- Strong experience in identity federation design and implementation using standards like OIDC and SAML to manage user identities across disparate systems
- Experience with Automation and scripting (Python, etc…) for IAM tasks
- Working knowledge of cloud application architecture patterns and a thorough grasp of common products and managed services for at least one Cloud Service Provider (e.g. AWS)
- Working knowledge of Unix system fundamentals and common network protocols
- Solid understanding of cloud computing networking concepts
- Ability to proactively identify performance issues, problems, and areas for improvement
- Ability to identify requirements and to define, plan, and implement requisite solutions
- An understanding of code review and familiarity with tools like GitHub and GitLab
- Experience using tools such as Nagios, Grafana and Prometheus to monitor systems, metrics, and create dashboards
Benefits
- 3 weeks’ vacation
- Excellent medical insurance, including employer-paid benefits
- Full medical, dental, and vision coverage
- 401K match
- 15 days PTO
- 10 holidays
Company Overview