Identity Access Management Engineer -- TS SCI Required
- Full Time
GDIT seeks a qualified candidate to provide engineering support for DIA's Identity Access Management (IdAM) Public Key Infrastructure. IdAM discipline areas consist of digital identities, Access Control, and Authorization such as Active Directory/Virtual Directory Services, PKI and supporting technologies, Attribute Based Access Control (ABAC) / Policy Based Access Control (PBAC) and Role Based Access Control (RBAC).

Duties consist of integrating IdAM solution designs that include the development of high availability / disaster recovery solutions assuring basic integrity and confidentiality of critical privacy data hosted on DIA supported networks/systems, integrating defense in depth design/security controls based on NIST 800.82 publication, ensuring high availability and data integrity through the enforcement and enhancement of group policy objects (GPOs), integration with standard and future encryption devices and object level encryption, and incorporation of Data Rights Management (DRM), providing security analysis and recommendations on all IdAM capabilities such as authentication, authorization and user management activities, engineering analysis on integration between ArcSight ESM and IdAM Attribute Based Access Control (ABAC), assisting in ensuring all requirements of ICD 503 have been met to facilitate the accreditation of the final solution, as well as developing security test plans and supporting documentation to ensure that developed systems are in compliance with security directives such as ICD 503 and local security policies.

The qualified candidate will have knowledge of concepts such as defense in-depth, vulnerability, assessment, cyber attacking, remote analysis, cross security domain, group policy object (GPO), organizational units (OUs) modeling, encryption, high availability and data integrity, as well as experience with the integration of prevailing commercial identity management software packages for Infrastructure (PKI) interfaces, Two-Factor-Authentication technologies, Robust Certificate Verification System (RCVS), Online Certificate Status Protocol (OCSP) and all interacting interfaces, Web Services and associated WSDLs, Microsoft Active Directory Lightweight Directory Service (MS AD-LDS), Microsoft Forefront Identity Manager (FIM), Virtual Directory systems such as Radiant Logic, Optimal and LDAP based infrastructure, Claims-based identity security service and interfacing with web portals, SharePoint and generic web-based applications, as well as knowledge of federated identity standards such as SOAP, REST and the OASIS SAML 2.0 X.509 Attribute Sharing Profile.

Other functional duties may consist of:
1. Performs complex systems development and design work that may include logic design, I/O design, firmware development, model formulation, manufacturing and development cost projections, computer architecture analysis and design, and analog or digital systems engineering.
2. Performs systems modeling, simulation, and analysis.
3. Reviews completion and implementation of system additions and/or enhancements and makes recommendations to management and/or clients.
4. Plans and directs upgrades of operating systems and designs systems enhancements.
5. Develops documentation on new or existing systems.
6. Develops and directs tests to ensure systems meet documented user requirements.
7. Identifies, analyzes, and resolves system problems.
8. Provides system/equipment/specialized training and technical guidance.
9. Determines system specifications, input/output processes, and working parameters for hardware/software compatibility.
10. Provides guidance and work leadership to less-experienced systems engineers and may have supervisory responsibilities.
11. Serves as liaison with clients, participating in meetings to ensure client needs are met.
12. Maintains current knowledge of relevant technology as assigned.
13. Participates in special projects as required.
Education: Bachelor's degree in Computer Science, Engineering or a related technical discipline, or the equivalent combination of education, technical training, or work/military experience.

Qualifications: The contract requires 8 years of systems engineering experience. A DoD 8570 IAT Level II certification is required prior to contract start... Security+ preferred.

As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors. With approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services.

GDIT is an Equal Opportunity/Affirmative Action Employer - Minorities/Females/Protected Veterans/Individuals with Disabilities.