Identity Access Management (IdAM) Engineer
The CDM Program is sponsored and lead by the DHS/ Cyber & Infrastructure Security Agency (CISA), and is designed to transform the .Gov cybersecurity posture through the design, integration, and operationalization of cyber capabilities. The CDM program provides participating Agencies with a holistic cybersecurity solution that includes Identity and Access Management (IdAM) What you get to do: As a the Lead IdAM Engineer you will be an Identity & Access Management (IdAM) Security tools Subject Matter Expert (SME) for Tier III support as well as providing selective O&M services to CDM Phase 2 tools. . Provide Tier III support for CDM Phase 2 services including but limited to implementation, configuration, troubleshooting, operations and management of the IAM application . Provide advanced engineering support, coordinating with solution providers to support additional problem management activities as required . Operate and maintain CDM Phase 2 tools including SailPoint, CyberArk, CA PAM, Forescout, McAfee, Tenable Nessus, and BeyondTrust-BeyondInsight . Implement and execute on technical initiatives and solutions. Responsible for making adjustments or recommended enhancements to solve problems or improve effectiveness of job area . Create root cause analysis, troubleshoot and support IdAM applications/systems . Part of a team of Tier III Engineers providing staggered shift support (core hours are 8:00am to 6:00pm) . Rotating 24x7x365 On-Call support More About the Role: . Limited oversight from manager . Provides status reports at least weekly and monthly and complete other reporting requirements as required for overall program reporting requirements . Develops and maintains the relevant portions of the Service Operations Handbook specific to Identity & Access Management tools . Holds team members accountable for following published SOPs . Communicates within the project area or technical department on matters that involve obtaining or providing technical information requiring some explanation or interpretation You'll Bring These Qualifications: . Active TS/SCI or SCI eligibility required and must be clearable to a Department of Homeland Security (DHS) EOD. . Must support rotating 24x7x365 On-Call support . US Citizenship Required . BA/BS or equivalent years of experience and 10years of relevant experience . 3+ years of related Identity Management engineering, including installing, configuring and troubleshooting experience with one or more of these tools: . CyberArk . SailPoint . CA PAM . One or more active certification listed below: . SailPoint Certified IdentityIQ Engineer . SailPoint Certified IdentityIQ Architect . CyberArk Trustee certification (Level 1) . CyberArk Defender certification (Level 2) . CyberArk Sentry certification (Level 3) . CyberArk Guardian certification (Level 4) . CA PAM Proven Support Professiona Certification Requirements: Appropriate technical certification for the technology for which the candidate claims SME status plus no less than two years of demonstrated and verifiable hands-on experience in design, implementation and maintenance of the application and related devices OR Four years of demonstrated and verifiable hands-on experience in design, implementation and maintenance of the application and related devices with the ability to attain vendor certification for the technology for which the candidate is being hired within six months of assignment on program These Qualifications Would be Nice to Have: . Experience with ITIL processes . Relevant DHS or .Gov Cyber Security focused experience . Working knowledge of Service Now and/or Remedy Ticket Management Systems.