Sr. Identity and Access Management Engineer (Sr. IAM Engineer)
Location: San Francisco, Seattle, Boston, Chicago or Richmond, VA.
Remote option: Yes, but you must live within a two-hour drive of a Federal Reserve Bank.
Are you looking for a position where your talents can take us to the next level of technology in the identity and access management space, AND work for a company that has great benefits and values creativity and work-life balance? If yes, the Federal Reserve Bank of San Francisco wants to talk to you!
The Information & Technology Services division needs a dynamic Identity and Access Management (IAM) Engineer to work within an organization that supports the Identity and Access Management Program for the Federal Reserve System. The IAM team is a collaborative organization which supports Federal Reserve Bank needs for security and compliance initiatives associated with identity and access life cycle management.
In this role, you will primarily be responsible for the implementation, integration and deployment of Identity as a Service (IDaaS). You will be the technical SME on the IDaaS solution, tasked with implementing modern Single Sign-On (SSO) and Access Management technologies for both on-prem and cloud-based applications using one or more of the following: SAML, OAuth 2.0 and/or OIDC, SCIM.
The ideal candidate is a goal-oriented self-starter with the ability to collaborate across multiple IAM related work streams to develop and deliver integrated identity and access management solutions. You should have the ability to communicate effectively with senior technology and business leadership. Strong knowledge of information security will be crucial for this role.
Bachelor's degree from a four-year college or university or equivalent training and experience
The successful candidate must be a U.S. Citizen, U.S. National, or hold a permanent resident status/green card with intent to become a U.S. Citizen.
Experience with deploying an IDaaS solution to supply cloud-based or on-prem authentication and identity management for a large enterprise.
Must possess deep knowledge of IAM technologies and concepts
Experience leading or supporting IAM systems in complex environments.
In-depth knowledge of authentication and authorization standards and protocols such as SAML, OAuth 2.0, LDAP, Kerberos, OpenID Connect, etc.
Experience with Identity provisioning using modern protocols such as SCIM to integrate with on-prem IGA solutions.
Experience configuring and integrating IAM software with third-party and/or vendor-supplied solutions
Experience with persistence technologies and protocols including SQL, LDAP.
Experience implementing Web application frontend, middleware and backend.
Experience with Java/.NET development with object-oriented analysis, design, and programming skills.
Experience with source code management and change control.
Comfortable working using an Agile software development process, such as Scrum
Requires capabilities in security requirements analysis and security architecture
Good understanding of network layer security, PKI concepts, and cryptographic technologies (e.g. hashing, signing, encryption, TLS)
Experience with service-oriented architecture for cloud-based services.
Experience implementing solutions leveraging Amazon Web Services (AWS) and/or Microsoft Azure
Ability to travel 10% (more if you will be a remote worker).
Excellent verbal and written communications skills
Comfortable communicating to clients and partners aspects of both the product and the implementation at the technical and/or functional level appropriate for the situation
Strong analytical and problem-solving skills
Strong experience in working cohesively within a team and with staff in other departments
Demonstrated ability to effectively lead multiple concurrent requests. Assist users in defining requirements, learn new concepts and technical functions quickly, and produce clear and accurate documentation
Flexibility in accepting, and independently delivering, a variety of assignments with high quality solutions
Working knowledge of SailPoint IIQ or other Identity Management suites and directories including Active Directory, Oracle Enterprise Directory, and databases, SQL Server and Oracle
Experience with a leading IDaaS vendor such as Ping, Okta or OneLogin
Experience with a leading cloud provider such as AWS or Azure
At the Federal Reserve Bank of San Francisco we believe in the diversity of our people, ideas, and experiences and are committed to building an inclusive culture that is representative of the communities we serve. The Federal Reserve Bank of San Francisco is an Equal Opportunity Employer.
Federal Reserve Bank