Do you want to work for a company that is passionate about security and has a fun, start-up culture with large company perks? Do you want to be in an environment where you will continuously learn new skills, grow and take on new opportunities due to the abundance of new projects on the horizon?
If you answered yes to these questions, this opportunity could be for you!
Defense Point Security offers a competitive benefits package to include:
Medical, Dental, Vision Insurance Premiums are 100% paid by DPS for employee and eligible dependents
Personal Accident Insurance paid by DPS
Life Insurance paid by DPS
Short- and Long-Term Disability Insurance paid by DPS
401k Contribution Matching and 100% vested after 90 days
Flexible Spending Accounts
Paid Time Off starting at 3 weeks a year (15 days)
10 paid Federal Holidays
Capital BikeShare Membership for DC Metro Area
Reimbursement for qualifying training expenses
Flexible / Alternative Work Schedules
Defense Point Security is currently seeking an Identity & Access Management Cloud Engineer in San Antonio, TX.
Help design, plan, implement and support strategic initiatives in Identity & Access Management for use by its CMPS team members and CMPS tenants.
Participate in requirements gathering sessions, support development of well-defined statements of work and specification documents, and support driving projects to successful deployment by leveraging internal resources.
As needed, perform comparative analysis of multiple technologies and vendor offerings to evaluate fit to function for incorporation into CMPS infrastructure.
Support CMPS security services to include SME role assisting Attribute-Based Access Control and Secure Token Service issuance.
Support requirements management, oversight, updates, discrepancy reports and requests for change (RFCs).
Coordinate/collaborate with stakeholders regarding policy, development and governance.
Support analysis of new IAM technologies.
Facilitate app enablement with IAM services.
Provide guidance regarding changes to the AD schema.
Manage and maintain standardized Organizational Units (OU) in AD.
Manage and maintain AD custom attributes and security groups.
Manage AD sites and subnets, including site replication.
Manage and maintain group policy, and scripts associated with group policy, to secure the IT infrastructure and grant necessary resources to staff and tenant users, consistent with job requirements (i.e. server, common Microsoft products such as SharePoint, Teams and other group policies as requested).
Create and maintain a Group Policy Map to indicate what each group policy does, what resource(s) is (are) affected and understand the effect of any change to group policy.
Manage the AD database and System Volume (SYSVOL).
Monitor Domain Controllers to prevent outages and/or restore service in a timely manner, analyze the policies currently monitored, and make recommendations as needed to provide meaningful alerts for action.
Audit changes to accounts, group policy, and other changes to AD with enterprise auditing tools.
Maintain a listing of all service accounts, the applications and servers which use them, and the unit responsible for the accounts.
Provision, modify, and deprovision user and administrator accounts for CMPS upon receipt of approved access or deprovisioning request, based upon location, role, or both.
Make necessary adjustments to security controls to grant only that access to IT resources required for job performance.
Manage user profiles, including access to share drives, OU assignment, password reset, and general directory cleanup at regular intervals.
Manage and maintain delegation of permissions.
Follow CMPS policy and procedures for account management to create, modify, or delete accounts and account permissions.
This position requires US Citizenship due to our Federal contractual obligation
5 years of experience architecting IAM solutions leveraging industry-leading products in one or more of the following: CA SiteMinder, Tivoli Identity Management, ForgeRock Identity Management, OneLogin or SailPoint IQ.
5 Years experience in working with Microsoft Active Directory including user account management and implementation of services to Microsoft-Based Platforms.
5 years AD Security & Design Architecture
3 years experience implementing IAM solutions in cloud environments on AWS and Azure platforms.
3 years of experience working with requirements teams translating IAM business processes, including user provisioning and access management, with knowledge of authentication and federation protocols including SAML (different implementations and flavors: OAuth, MiniOrange, etc.) and ADFS.
3 years Encryption, RHEL Linux or variant distributions, Firewalls/WAF experience.
Highly proficient in the core IAM principles including identity provisioning, authentication and authorization services, and implementation of directory services.
Experience supporting authentication services including firewall and web services, Kerberos constrained delegation, and single sign on.
Possess a broad understanding of web services including troubleshooting internal and external sources. Must include an understanding of protocols for web traffic, troubleshooting, and diagnosing of connectivity issues.
Requires working knowledge of Privileged Account Management (PAM) system and application administration.
Experience with Lightweight Directory Access Protocol (LDAP) and Secure Lightweight Directory Access Protocol (LDAPS).
General understanding of Structured Query Language (SQL), PowerShell and Python.
General understanding of RSA management and support.
Understanding of Attribute-Based Access Control design patterns as implemented by various vendors.
Experience designing and managing IAM schemas to support a Managed Service Provider (MSP) structure in both a single and multi-tenant model.
Experience with ITIL processes
Experienced in deploying solutions in federal environments including knowledge of NIST, FISMA, FedRAMP and/or DoD regulations.
Working knowledge of ServiceNow Ticket Management Systems
Security+ Certification, MCSE, MCSA, CISSP, CISM, or greater
Job Location: San Antonio, TX
Position Type: Full-Time / Regular
All candidates must be clearable.
To see other locations please see the Security Engineering Career Menu on defpoint.com
Defense Point Security is an Equal Opportunity / Affirmative Action Employer. We are committed to hiring and retaining a diverse Community workforce. DPS gives equal consideration to all qualified candidates without regard to race, color, religion, creed, gender identity, national origin, sex, pregnancy, marital status, age, sexual orientation, disability, veteran status, or any other protected class.