Description

The Digital Modernization sector within Leidos is seeking an Identity, Credential and Access Management Systems Engineer (formerly identity and access management / IdAM) to be responsible for the upkeep, configuration, and reliable operation of computer systems in support of DISA's Compartmented Enterprise Services Office (CESO) NOC. The Systems Engineer will to contribute to the deployment and maintenance of an ICAM solution to serve as a comprehensive Identity as a Service (IDaaS) platform for CESO.

Primary Responsibilities

• Deploy and maintain the ForgeRock IdP (identity and access management platform).
• Implement identity access management and controls, to include single sign on, identity federation, enterprise directory architecture, and resource provisioning.
• Demonstrate advanced understanding of business processes, internal control risk management, IT controls and related standards
• Identify and evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement
• Understand complex business and information technology management processes
• Install, integrate, and deploy ForgeRock products in client environments using
• Communicate to clients and partners aspects of both the product and the implementation at the technical and functional level appropriate for the situation.
• Work with the Identity Access Management team to continue making enhancement to the Identity Access Management program.
• Work closely with development teams to perform user management, group management and password management requests.
• Create and maintain Identify Access Management metrics.
• Document various system access for all Users
• Support efforts regarding audit findings, adherence to compliance and organizational change.
• Responsible for working to resolve ForgeRock system issues escalated within the service level agreement.
• Ability to create, and modify CONOPS, and Standard Operating Procedure documents

• BS in computer science or IT and 8+ years of experience. Add'l experience may be considered in lieu of degree.
• IAT Level II Baseline Certification (e.g. CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP)
• Candidate must possess an Active TS/SCI clearance and ability to obtain and maintain CI Poly
• Experience with federation protocols (SAML, OAUTH, OpenID) and zero trust principles
• Experience with the ForgeRock platform
• Knowledge of Identity and Access Management platforms
• Knowledge of Linux Operating Systems
• Excellent written and oral communication skills
• Ability to work effectively with both technical and non-technical audiences
• Demonstrated ability to work in a complex, fast paced environment

• Prior experienced with DISA and DISA's support to mission partners
• TS/SCI w/CI Poly Preferred

• Experience with: JISG Access Controls, Amazon Web Services, Ansible playbooks