Senior PKI and CIAM Engineer
Apply NowCompany: Centraprise
Location: Marietta, GA 30062
Description:
Senior PKI and CIAM Engineer
Location Preference: Marietta, GA (Remote until client requirement. Be flexible for onsite/hybrid later (with 1-month prior intimation))
Fulltime Permanent
Note: Team is looking for candidates with strong hands-on experience on below skills. Need profiles urgently. Please call me if you have any questions.
PKI as primary skill. IAM is Secondary
What is PKI?
What are the components?
How the certificate works?
What is IAM?
What is lifecycle of IAM?
Who are we looking for?
Senior PKI and CIAM Engineer specialized in Certificate management - Entrust, Venafi, Microsoft & Google; CIAM - ForgeRock, Jenkins, Looker, Tableau.
PKI:
Experienced in both internal and external certificate management processes.
Experience with Microsoft certificate authority
Experience in enterprise Key Management, distribution, and administration
Good understanding of PKI architecture, including policies, standards, strategies, automation, and governance
Customer focus for supporting hundreds of USPS/ ISPA applications / services using thousands of certificates.
Strong understanding of AD and exchange
Knowledge on PKI/ Hardware Security Modules/ KMIP/ Certificate Management/ Cryptography
Experience with ServiceNow Change/Incident/Problem management
Strong communication skills in dealing with IT developers and system administrators.
Basic knowledge of IT security principles, HIPAA, SOX, and PCI regulations
Computer security, specifically in Windows/ LINUX OS environment.
Technical Skills:
Familiarity with leading IAM concepts such as Least Privilege, Privileged Access, Roles and Data mining, Segregation of Experience in Identity and Access management in ForgeRock (OpenAM, OpenDJ, OpenIDM, OpenIG and their extensions with custom Java code Java development)
Engineering , enhancements & upgrades
Experience in SAML, OAuth, Open ID Connect protocols.
Experience in creating Looker, Tableau Dashboards
Experience in Jenkins
Implement authentication and authorization flows through Identity and Access Management Systems
Build API(s) which can be consumed through omni channel interfaces like Traditional Web Apps, Single Page Application Frameworks, Mobile, B2B systems, etc.
Process Skills:
Performing daily health checks of the Active Directory Certificate Services(ADCS) Server and Services to analyze potential alerts, warning and risk to infrastructure.
Maintain Certificate Inventory, management of issuance, revocation, and renewal of certificates (Internal & external).
Access control to certificate templates.
Manage Certificate Features & Policies, document Key & Certificate Management Policies and updated periodically.
Co-ordinate with the infrastructure/ application team to get the required certificate request file.
Support Alert management (Alerts through enterprise monitoring)
Capacity management along with Engineering, enhancements & upgrades
Support provisioning, de-provisioning, access validation, authentication, and troubleshooting
Provide support for IAM operational incidents and request.
Workflow, Policies, and rule creation
Troubleshooting rules and workflow failure issues
Patching support for CIAM tool
Service restart for CIAM tool
Investigate queries related to CIAM platform.
Realtime monitoring of CIAM tool.
Alert management (Alerts through enterprise monitoring) for CIAM tool.
Behavioral Skills:
6+ years of professional experience working with Public Key Infrastructure & Identity Management solution.
Effective interpersonal, team building and communication skills.
You have a clear understanding of Certificate Lifecycle Management and Identity Lifecycle Management (provisioning, de-provisioning, authentication)
You have a clear understanding of Identity Governance and Administration (IGA) with regards to access requests, integrations, provisioning, entitlements, and reporting
You possess strong analytical and problem-solving skills and demonstrable ability to work independently as well as in a team environment.
Excellent verbal and written user documentation skills
Ability to communicate complex technology to no tech audience in simple and precise manner.
Ability to collaborate; be able to communicate clearly and concisely both to laypeople and peers, be able to follow instructions, make a team stronger for your presence and not weaker.
Ability to see the bigger picture and differing perspectives; to compromise, to balance competing priorities, and to prioritize the user.
Desire for continuous improvement, of the worthy sort; always be learning and seeking improvement, avoid change aversion and excessive conservatism, equally avoid harmful perfectionism, "not-invented-here" syndrome and damaging pursuit of the bleeding edge for its own sake.
Learn things quickly, while working outside the area of expertise.
Analyze a problem and realize exactly what all will be affected by even the smallest of change you make in your design.
Ability to communicate complex technology to no tech audience in simple and precise manner.
Certification: (Optional):
Venafi Security Administrator (VSA)
ForgeRock Certified Identity Management Specialist
ForgeRock Certified Access Management Specialist
Location Preference: Marietta, GA (Remote until client requirement. Be flexible for onsite/hybrid later (with 1-month prior intimation))
Fulltime Permanent
Note: Team is looking for candidates with strong hands-on experience on below skills. Need profiles urgently. Please call me if you have any questions.
PKI as primary skill. IAM is Secondary
What is PKI?
What are the components?
How the certificate works?
What is IAM?
What is lifecycle of IAM?
Who are we looking for?
Senior PKI and CIAM Engineer specialized in Certificate management - Entrust, Venafi, Microsoft & Google; CIAM - ForgeRock, Jenkins, Looker, Tableau.
PKI:
Experienced in both internal and external certificate management processes.
Experience with Microsoft certificate authority
Experience in enterprise Key Management, distribution, and administration
Good understanding of PKI architecture, including policies, standards, strategies, automation, and governance
Customer focus for supporting hundreds of USPS/ ISPA applications / services using thousands of certificates.
Strong understanding of AD and exchange
Knowledge on PKI/ Hardware Security Modules/ KMIP/ Certificate Management/ Cryptography
Experience with ServiceNow Change/Incident/Problem management
Strong communication skills in dealing with IT developers and system administrators.
Basic knowledge of IT security principles, HIPAA, SOX, and PCI regulations
Computer security, specifically in Windows/ LINUX OS environment.
Technical Skills:
Familiarity with leading IAM concepts such as Least Privilege, Privileged Access, Roles and Data mining, Segregation of Experience in Identity and Access management in ForgeRock (OpenAM, OpenDJ, OpenIDM, OpenIG and their extensions with custom Java code Java development)
Engineering , enhancements & upgrades
Experience in SAML, OAuth, Open ID Connect protocols.
Experience in creating Looker, Tableau Dashboards
Experience in Jenkins
Implement authentication and authorization flows through Identity and Access Management Systems
Build API(s) which can be consumed through omni channel interfaces like Traditional Web Apps, Single Page Application Frameworks, Mobile, B2B systems, etc.
Process Skills:
Performing daily health checks of the Active Directory Certificate Services(ADCS) Server and Services to analyze potential alerts, warning and risk to infrastructure.
Maintain Certificate Inventory, management of issuance, revocation, and renewal of certificates (Internal & external).
Access control to certificate templates.
Manage Certificate Features & Policies, document Key & Certificate Management Policies and updated periodically.
Co-ordinate with the infrastructure/ application team to get the required certificate request file.
Support Alert management (Alerts through enterprise monitoring)
Capacity management along with Engineering, enhancements & upgrades
Support provisioning, de-provisioning, access validation, authentication, and troubleshooting
Provide support for IAM operational incidents and request.
Workflow, Policies, and rule creation
Troubleshooting rules and workflow failure issues
Patching support for CIAM tool
Service restart for CIAM tool
Investigate queries related to CIAM platform.
Realtime monitoring of CIAM tool.
Alert management (Alerts through enterprise monitoring) for CIAM tool.
Behavioral Skills:
6+ years of professional experience working with Public Key Infrastructure & Identity Management solution.
Effective interpersonal, team building and communication skills.
You have a clear understanding of Certificate Lifecycle Management and Identity Lifecycle Management (provisioning, de-provisioning, authentication)
You have a clear understanding of Identity Governance and Administration (IGA) with regards to access requests, integrations, provisioning, entitlements, and reporting
You possess strong analytical and problem-solving skills and demonstrable ability to work independently as well as in a team environment.
Excellent verbal and written user documentation skills
Ability to communicate complex technology to no tech audience in simple and precise manner.
Ability to collaborate; be able to communicate clearly and concisely both to laypeople and peers, be able to follow instructions, make a team stronger for your presence and not weaker.
Ability to see the bigger picture and differing perspectives; to compromise, to balance competing priorities, and to prioritize the user.
Desire for continuous improvement, of the worthy sort; always be learning and seeking improvement, avoid change aversion and excessive conservatism, equally avoid harmful perfectionism, "not-invented-here" syndrome and damaging pursuit of the bleeding edge for its own sake.
Learn things quickly, while working outside the area of expertise.
Analyze a problem and realize exactly what all will be affected by even the smallest of change you make in your design.
Ability to communicate complex technology to no tech audience in simple and precise manner.
Certification: (Optional):
Venafi Security Administrator (VSA)
ForgeRock Certified Identity Management Specialist
ForgeRock Certified Access Management Specialist