• Privilege Access Management (PAM) Engineer/Developer

    Job Location(s) US-AZ-Tempe
    Posted Date 3 months ago(11/5/2019 7:01 AM)
    Job ID
    2019-31909
    Category
    IT Infrastructure
    Position Type
    Contract (Full-Time)
    # of Openings
    1
  • Overview

    This position supports the efforts of the Privileged Access Management project. The project will design, build and implement next generation Privileged Access security controls. The candidate will be expected to have design and engineering experience in numerous areas of Identity & Access Management and Privilege Access Management methodologies and solutions.

    Responsibilities

    As a Privilege Access Management (PAM) Engineer/Developer, you will

     

    • Work with IT infrastructure teams to build the PAM solutions to integrate with other IT enterprise systems
    • Helps engineer solutions to ensure that PAM solutions and services perform according to defined processes, meet defined policies and comply with information security requirements
    • Integrates PAM systems with third party solutions for provisioning, de-provisioning, identity authentication and systems resources authorization, access certification, and developing connectors between PAM and IAM tools and systems resources
    • Work with application developers and IT operations to develop, test, roll out and maintain enterprise-wide PAM solutions and services
    • Support in troubleshooting and resolving complex authentication, authorization and integration problems
    • Integrate and automate provisioning access using CA IdentityPoral
    • Integrate and automate certification access using RSA Aveksa
    • Design and develop in CA Identity Portal to support the request and provisioning workflow for the following:
    • Service account request for UNIX and Windows O/S
    • Service account request for databases and applications
    • User UNIX accounts management
    • Privileged accounts management
    • Design and develop with RSA Aveksa to recertify all access provisioned by IdentityPortal
    • Integrate CA IdentityPortal with Active Directory for service account creation and password management, groups and group memberships creations.
    • Integrate CA IdentityPortal with Enterprise systems such as GSI, CMDB and AD to manage ownership and approval workflow
    • Integrate CA IdentityPortal with CA PAM API's for privileged accounts and PAM policy configuration
    • Integrate CA IdentityPortal with CA PAM API's for accounts provisioning / de-provisioning
    • Customize forms in CA Identity Portal to support Privileged accounts and password management with CA PAM using API's
    • Customize forms in CA Identity Portal to support various use cases for different provisioning groups.
    • Write wrappers and customize CA PAM API's to support CA IdentityPortal workflow
    • Provisioning / De-Provisioning groups and roles using Rest API's
    • Integrate with RSA Aveksa to setup collections for roles and groups and memberships for recertification
    • Configure and customize workflows to support transfer and termination process for accounts managed and provisioned by IdentifyPortal
    • Assist in the review and architecture of new security for PAM solutions and ensure that the appropriate controls and tools are selected and operationalized.
    • Work closely with management, leads, peers; development teams, business analysts, and end users to ensure systems have appropriate access and governance controls and protection
    • Work closely with IT control and risk officers to ensure the enterprise PAM solutions are properly following policies and standards
    • Provide scripting expertise to automate critical PAM maintenance processes.
    • Monitor, troubleshoot and problem resolution of PAM service and related incidents.

    Qualifications

    • Bachelor’s degree in computer science, Business Administration or equivalent educational or professional experience and/or qualifications. An advanced degree is also preferred.
    • Certifications such as: CISSP, CISM, CRISC, or CISA certification a plus
    • 5+ years plus experience in documenting, developing, or implementing IAM systems
    • 5+ years plus with technical experience integrating identity management, access management and access governance software into clients' infrastructure and applications
    • 5+ years plus experience with installation, integration and deployment of IAM technology products
    • Must have strong technical architecture experience integrating multi-tiered applications, databases, LDAP and directory services, application servers, network infrastructure, and understanding security and dataflow within these components
    • Strong and solid understanding of testing and implementation lifecycles for identity access technologies including root cause analysis
    • Require experience in developing technical strategies, architectures, and roadmaps
    • Must have experience in creating MS Visio diagrams and workflow specs
    • Strong presentation skill and communication
    • Identity Management familiarity in two or more of the following areas:
    • Privileged Access Management
    • Access Certification
    • Provisioning/De- Provisioning
    • Application On-boarding
    • Single Sign On
    • Identity Federation
    • Multi-factor authentication
    • Experience in any of the Privileged Access Management tools – CA PAM, Dell Quest TPAM, Thycotic Secret Server, or CyberArk
    • Experience with Super-User Privilege Management solutions such as CA ControlMinder, BeyondTrust PowerBroker, Sudo, BoKS etc…
    • Experience in implementing enhanced security for accounts in Active Directory
    • Experience with CA IDP and RSA Aveksa
    • At least 3 years of solid experience in Privileged Access Management Systems
    • At least 3 years of solid experience in Identity Management Systems
    • At least 2 years of solid experience with CA IDM suite(CA Identity Manager, CA Identity Portal)
    • At least 3 years of solid experience with Java and JavaScript, must be comfortable to write and modify codes in this area
    • At least 2 years of experience with kettle script/PDI or other ETL tool
    • At least 1 year of experience with RESTful API webservice
    • At least 2 years of experience with MS-SQL
    • At least 1 year of solid experience with Powershell
    • At least 1 year of experience with LDAP/s
    • At least 1 year of experience with Unix shell script

     

    Qualifications Required:

    • 5 years of Java / JavaScript development experience
    • 5 years of CA IDM experience
    • Hands on experience on
    • CA Identity Portal
    • CA IDM workflow
    • Active Directory connector
    • TEWS(web service)
    • 5+ years plus experience in documenting, developing, or implementing IAM systems
    • 5+ years plus with technical experience integrating identity management, access management and access governance software into clients' infrastructure and applications
    • Must have technical architecture experience integrating multi-tiered applications, databases, LDAP and directory services, application servers, network infrastructure, and understanding security and dataflow within these components
    • Solid understanding of testing and implementation lifecycles for identity access technologies including root cause analysis
    • Experience developing technical strategies, architectures, and roadmaps
    • Identity Management familiarity in one or more of the following areas:
    • Privileged Access Management (CA PAM & CA PAM Server Control)
    • Access Certification
    • Provisioning/De- Provisioning
    • Application On-boarding
    • Single Sign On
    • Identity Federation
    • Multi-factor authentication
    • Experience in any of the Privileged Access Management tools - CA Xceedium, Dell Quest TPAM, Thycotic Secret Server, or CyberArk
    •  Experience with Super-User Privilege Management solutions such as CA ControlMinder, BeyondTrust PowerBroker, Sudo, BoKS etc…
    • Experience in implementing enhanced security for elevated accounts in Active Directory.
    • At least 3 years of experience in Privileged Access Management Systems
    • At least 3 years of experience in Identity Management Systems

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed

    Need help finding the right job?

    We can recommend jobs specifically for you! Click here to get started.