Identity & Directory Management Services Senior Engineer - Okta

US-Remote

NCI Information Systems Inc.

Req #: 7637
Type: Regular Full-Time
logo

NCI Information Systems Inc.

Connect With Us:
Connect To Our Company
				Overview:

Empower AI is AI for government. Empower AI gives federal agency leaders the tools to elevate the potential of their workforce with a direct path for meaningful transformation. Headquartered in Reston, Va., Empower AI leverages three decades of experience solving complex challenges in Health, Defense, and Civilian missions. Our proven Empower AI Platform(r) provides a practical, sustainable path for clients to achieve transformation that is true to who they are, what they do, how they work, with the resources they have. The result is a government workforce that is exponentially more creative and productive. For more information, visit www.Empower.ai.

Empower AI is proud to be recognized as a 2024 Military Friendly Employer by Viqtory, the publisher of G.I. Jobs. This designation reflects the company's commitment to hiring and supporting active-duty and veteran employees. 

Responsibilities:

SUMMARY

DIGIT is seeking a Identity and Directory Management Services (IDMS) Senior Engineer with expertise with Okta to support the design, administration, management, execution & maintenance of GSA's Identity & Directory Management Services (IDMS) and Identity, Credential, and Access Management (ICAM) solutions to meet the needs of the enterprise users & the enterprise architecture. These services, systems, and capabilities include, but not limited to, directory services management, ICAM, privileged account management, Single Sign-On (SSO), Active Directory (AD) Domain Name System (DNS) services, Public Key Infrastructure (PKI), Multi-Factor Authentication (MFA), auditing and log management, Continuous Diagnostics and Mitigation/Dynamic and Evolving Federal Enterprise Network Defense (CDM/DEFEND), and the management of appliances. GSA IT currently leverages Microsoft (MS) AD as the authoritative account management system.

As a leading provider of advanced information technology solutions and professional services to U.S. federal government agencies, is the prime for a $807m task order in support of the General Services Administration (GSA) Office of Digital Infrastructure Technologies (IDT) DIGIT (Digital Innovation for GSA Infrastructure Technologies) task order driving digital transformation and delivering continuous 

improvement and business value to its customers.  The team is comprised of the best-in-class technology partners to leverage forward-leaning technologies and best practices to transform GSA's IT capabilities and shift offerings to provide a more flexible service delivery model, completing the agency's shift to a fully digital experience along with its adoption of advanced, emerging technologies such as intelligent automation, artificial intelligence, and machine learning.

RESPONSIBILITIES

This position shall perform the following (to include but not limited to) activities

* Extensive experience with Okta includes installation, configuration and migrations.
* Troubleshoot advanced problems within the Okta IdP by using tools such as SAML tracer, Fiddler and other similar tools.
* Integration experience with SAML, OpenID Connect, RADIUS and Oauth.
* Integration experience with Multi Factor Authentication.
* Integration experience with Password less Authentication.
* Provide advanced support for IAM/SSO/MFA by troubleshooting a variety of difficult software problems, implementing bug fixes, and performing root cause analysis using agile methodologies.
* Strong communication skills with customers over phone, email, or ticketing system.
* Implement technical capabilities including IAM solutions and application integrations, to enhance enterprise security risk posture. 
* Manage, administer, and support the GSA IT MFA environment. 
* Manage, administer, and support ICAM systems and related support activities.
* Utilize automation and role-based management to ensure availability of access and continuity of services.
* Ensure requirements are gathered, processes defined, and use cases documented.
* Test and certify new product versions, bug fix and provide detailed reports.
* Providing on-call rotation support on a routine basis.
* Identifying process improvement opportunities for review and subsequent implementation.
* Providing positive customer service interactions for all levels of the organization up to and include senior executive staff.
* Provide support and administration of the GSA IT AD environment, systems, and associated data.
* Continuously review and assess the GSA IT ICAM environment and provide recommendations for how to manage and administer the environment more efficiently.
* Ensure that all Group Policy Management (GPM) changes are controlled and documented.
* Other operational support duties as assigned.
* Provide Proof of Concepts and Pilots for Advancing Zero Trust and final implementation to transfer Zero Trust integration to infrastructure engineering support.
* Developing new technologies to support existing applications or creating new applications using new technologies
* Participating in meetings with executives to discuss technical issues and propose solutions
* Collaborating with other members of the engineering team to design new features or improve existing ones
* Escalate issues to vendor and third-party entities, as necessary and directed by the Government.

Qualifications:

CONTRACT REQUIRED QUALIFICATIONS

This following are REQUIRED for this position:

* Public Trust Clearance 
* ITILv4 Foundation Training and ITILv4 Foundation Certification, may be obtained within 120 days after hire.
* 7+ year experience with IDMS systems.
* Minimum of 2 years engineering and supporting Okta solutions. 
* Subject matter expertise engineering and supporting Okta.
* Possesses and applies a comprehensive knowledge across key tasks and high impact assignments. 
* Plans and leads major technology assignments. 
* Evaluates performance results and recommends major changes affecting short-term project growth and success. 
* Functions as a technical expert across multiple project assignments. 
* Design and develop solutions to complex applications problems, system administration issues, or network concerns. 
* Perform systems management and integration functions
* Proven ability to work independently in a full and/or partial remote environment with limited supervision and may supervise/lead others.
* Possess the ability to communicate in both oral and written forms, demonstrating an ability to communicate effectively with all levels of staff as well as clients.
* Maintain standard working hours per the DIGIT contract and to be available for meetings, and other collaborative efforts during working hours.
* Demonstrated ability to apply comprehensive knowledge across key tasks and high impact assignments with the ability to use practical experience and training to determine how to accomplish tasks.

CONTRACT DESIRED QUALIFICATIONS

The following are DESIRED for this position:

* Okta certified.
* Strong knowledge of the different identity and access management (IAM) concepts, technologies and authentication protocols.
* Intimately familiar with IAM related protocols such as SAML, SPML, XACML, SCIM, OAuth, OIDC, OpenID and REST APIs, and other security interfaces.
* Strong experience with Directories, SSO, Federation, Delegated administration, API gateways, SOA services.
* Active Directory including but not limited to: 
* Microsoft Active Directory
* Azure Active Directory
* NetIQ DRA
* NetIQ Group Policy Administrator (GPA)
* Active Directory Lightweight Directory Services
* Vulnerability Mitigation

* Identity Management services operations including but not limited to: 
* SailPoint IdentityIQ 
* SecureAuth
* SAML 2.0
* Forefront Identity Manager/Microsoft Identity Manager
* Active Directory Federation Services

* Experience with Splunk engineering and administration.
* Privileged access management (PAM) systems such as CyberArk.
* Hands-on experience with cloud computing services (O365/Microsoft Azure/AWS).
* Experience w
			
Share this job: