Sandia National Laboratories R&D S&E, Identity & Access Management Computer Engineer (Experienced) in Albuquerque, New Mexico
We are seeking an experienced Computer Engineer with expertise within Identity and Access Management (IAM) to lead our cloud identity effort.
By utilizing applied research, engineering principles and scientific method, in this position, you will be called upon to:
- Research, architect, design, develop and support existing and upcoming identity and access related platforms and infrastructure for services such as: enterprise single sign on, web single sign on, federated identity management, cloud single sign on, authentication and multi-factor authentication, authorization, and directory services solutions into Identity and Access Management Infrastructure.
- As a member of this team, you’ll identify the right mix of tools and techniques to translate your customer’s needs and future goals into a plan that will enable secure and effective solutions.
- You will come up with the best solution, by researching new techniques, break free from the legacy model, and go where the industry is leading.
- You will learn how to take a critical approach to IAM, providing alternatives and integrations to maintain a balance of security and mission needs.
- A Master’s Degree in Computer Science, Computer Engineering or related field; or equivalent experience.
5+ years experience with implementing identity and access management solutions using at least two or more of the following:
Authentication Protocols (Kerberos, SAML 2.0, OAuth 2.0, OpenID Connect etc…)
- PKI infrastructure and Certificate Based Authentication
- Multifactor Authentication Principals and Methodologies
- Single Sign On Principals and Methodologies
- Application Integration, HTTP and REST
- Active Directory, LDAP and Group Management
- Federation Principals and Methodologies - ADFS (Active Directory Federation Service)
- Least Privilege Access
- Privilege Access Management
- Azure AD
- OS Windows,
- OS *NIX
- Office 365
- Experience in the PowerShell scripts
- Knowledge and experience in Data Security and privacy concepts
- Experience with design, development, implementation, deployment and support of Azure Active Directory solutions.
- Experience with authoring Cybersecurity guidance, including policies, strategies, and whitepapers.
- Experience with supporting IAM in a Cloud environment, including Azure or AWS.
- Experience with implementing PKI and PIV standards.
- Experience with HSPD-12, FIPS 201-2, FICAM, OMB 11-11, FedRAMP, PCI, FISMA, or NIST 800-53, 800-63, 800-79-2, or 800-157 policies and standards.
- Design and administration in various Identity Access Management (IAM), Role Based Accesses Control (RBAC), and Privileged Access Managements (PAM) platforms.
- Design and implementation of Microsoft Azure security tools including Azure Advanced Threat Protection (ATP), Office 365 ATP, Advanced Threat Analytics (ATA), and Microsoft Security and Compliance Center.
- Strong knowledge and of experience architecting complex large-scale systems incorporating packaged and custom applications.
- Knowledge of or certification in ITIL.
The focus of our organization is to provide secure access to data and application workloads currently on premises and as they migrate to the cloud. These services will be resilient, standardized, and simple, while meeting internal and external compliance requirements to enable IT solutions for Enterprise and Mission customers.
Sandia National Laboratories is the nation’s premier science and engineering lab for national security and technology innovation, with teams of specialists focused on cutting-edge work in a broad array of areas. Some of the main reasons we love our jobs:
- Challenging work withamazingimpact that contributes to security, peace, and freedom worldwide
- Extraordinary co-workers
- Some of the best tools, equipment, and research facilities in the world
- Career advancement and enrichment opportunities
- Flexible schedules, generous vacations,strongmedical and other benefits, competitive 401k, learning opportunities, relocation assistance and amenities aimed at creating a solid work/life balance*
World-changing technologies. Life-changing careers. Learn more about Sandia at: http://www.sandia.gov
*These benefits vary by job classification.
Sandia is required by DOE to conduct a pre-employment drug test and background review that includes checks of personal references, credit, law enforcement records, and employment/education verifications. Applicants for employment need to be able to obtain and maintain a DOE Q-level security clearance, which requires U.S. citizenship. If you hold more than one citizenship (i.e., of the U.S. and another country), your ability to obtain a security clearance may be impacted.
Applicants offered employment with Sandia are subject to a federal background investigation to meet the requirements for access to classified information or matter if the duties of the position require a DOE security clearance. Substance abuse or illegal drug use, falsification of information, criminal activity, serious misconduct or other indicators of untrustworthiness can cause a clearance to be denied or terminated by DOE, resulting in the inability to perform the duties assigned and subsequent termination of employment.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.