Identity Management Engineer

Responsibilities for this Position

Location:

Any Location / Remote

Full Part/Time:
Full time

Job Req: RQ220544

Type of

Requisition :

Regular

Clearance Level Must Currently Possess:

None

Clearance Level Must Be Able to Obtain:

None

Public Trust/Other

Required:

NACI (T1)

Job Family:

IT Infrastructure and Operations

Job Qualifications:

Skills:

Identity Management (IdM), Oracle Identity Manager (OIM), Role Based Access Control (RBAC), Single Sign-On (SSO)

Certifications:

None

Experience:

5 + years of related experience

US Citizenship

Required:

No

Job Description:

GDIT is seeking a Identity Management Engineer for our Healthcare General Ledger Accounting System (HIGLAS) program at the Centers for Medicare & Medicaid Services (CMS).

Role

Description:

* Functional administration and maintenance of our 12c Oracle Identity Management application including Oracle Access Manager (OAM), Oracle Internet Directory (OID), and Oracle Identity Governance (OIG).

* Provide support to and participate in IAM continuous monitoring activities including monitoring new and removed identities, access and permissions changes, privilege escalation, bot activity, and other related activities.

* Support user access provisioning, authentication, and access management processes.

* Actively participate in troubleshooting sessions for OIG/OAM in Prod and Non-Prod.

* Develop and maintain system documentation, including standard operating procedures (SOPs) and configuration guides.

* Having a strong affinity toward security-oriented practices - including coding, to avoid creating vulnerabilities.

* Coordinate and collaborate with technical subject matter experts (SMEs) to ensure technical and operational security controls are operating as expected.

Requirements/

Experience:

* 5+ years' experience in the Identity & Access Management domain.

* Expertise in implementing, maintaining, and migrating OIG, OAM 12c components (Web Logic, OIM, SOA, BI, OAM, OAA, OARM), and OID 12c.

* Strong Java coding skills with proficiency in OIG/OAM APIs (REST and Java APIs) for custom development of webpages, scheduled job deployments, automations.

* Thorough understanding of authentication and authorization mechanisms, including Single Sign-On (SSO), Identity Federation, Multi-Factor Authentication (MFA), Entitlements, Security Assertion Markup Language (SAML), Open Authorization (OAuth), etc.

* Extensive exposure to SSO integrations - designing and implementing SSO solutions using OOTB and custom options with OAM or other Identity tools.

* Strong knowledge of identity and access management, role- and attribute-based access controls (RBAC/ABAC), segregation of duties, least privilege, privilege escalation, etc.

* Hands on development experience with Scheduled jobs, Adapters, Event handlers, Notifications, plugins and custom connectors (ICF/CI), web pages (for custom page development).

* Ability to troubleshoot, identify and resolve issues related to OIG/OAM in Prod, non-prod environments.

* Strong understanding of SQL queries - ability to write custom queries to support custom functionalities, create reports, resolve any issues with existing SQL objects.

* Experience with BI Publisher reports creation/updates/migration/maintenance.

* Ability to manage multiple deliverables simultaneously, without impacting deadlines. It is critical for you to be a highly motivated contributor who can track items to completion without constant reminders.

* Experience with LDAP directories (like OID, AD, etc.) and LDAP queries, and an ability to troubleshoot & resolve any issues (data or otherwise).

* Experience with BI Publisher reports creation/updates/migration/maintenance.

* Strong analytical, written, and verbal communication skills with the ability and comfort level to conduct presentations for existing customer audiences.

Additional Qualifications:

* Upgrade experience from FMW 12c to 14c

* Knowledge of Web Authn / FIDO2, device-level signaling, and other relevant Zero Trust identity functions.

* Relevant identity and access management certifications (e.g., CIAM, CIGE, etc.).

* Hands-on implementation experience with Oracle Access Manager (OAM) 12c - incl. Web Gate config/deployment and SAML, OIDC, OAUTH protocols.

* Experience in addressing audit requirements - specifically related to Certifications, user operations, access grants, request approvals, etc.

* Knowledge of Splunk, including the ability to independently investigate any logs for relevant issues.

.

Location:

Remote

Clearance:
Ability to pass CMS background check and meet the residency requirement for having resided in the US at least (3) three out of the last (5) five years.

What GDIT Can Offer You:

* Full-flex work week to own your priorities at work and at home, with core work hours Monday - Friday 9:00 AM ET - 3:00 PM ET

* 401K with company match

* Comprehensive health and wellness packages

* Internal mobility team dedicated to helping you own your career

* Professional growth opportunities including paid education and certifications

* Cutting-edge technology you can learn…