Location: Oak Ridge, Tennessee
Job Title: Identity and Access Management Engineer
Career Level From: Associate
Career Level To: Senior Specialist
Organization: Y-12 IT Infrastructure (51130472)
Job Specialty: System Architecture
A career at CNS can offer you the opportunity to make a personal impact on our nation. We recognize that excellent employees are absolutely critical for mission success, and to achieve that goal we are seeking an Engineer for Identity & Access Management to help improve and optimize our mission critical systems. We are looking for an experienced practitioner with demonstrated success to apply expertise through technical design, solution development, and implementation on mission critical systems. Help protect our national security interests at Y-12 and enjoy a career with a purpose!
The Identity Management Team is tasked with owning identity as a core function. Join us on our journey in transitioning to a Zero Trust Architecture for Identity. You will work in a team focused on various aspects of identity management and be part of an extended team of architects and engineers driving digital transformation. You will be engaged in every phase of development from requirements gathering and design activities to implementing and improving identity workflows and solutions. Your day to day will include research, evaluation, design, implementation, and maintenance of both system and product solutions.
As part of an identity-focused team, you will have opportunity to expand into various areas of identity management such as Directory Administration, Multi Factor Authentication, Identity Governance, SSO, Web Access Management, and Privileged Access Management. This is not a “keep the lights on” type of job – this is an opportunity to shape the digital identity future in a large and complex enterprise. If you are looking for a place to grow your skills and lead game-changing efforts, this team is looking for you.
Core Responsibilities:
• Design and implement applications, roles, provisioning plans, and workflows in SailPoint IdentityIQ to automate access management.
• Configure applications for authentication using PingAccess and PingFederate with SAML and OIDC.
• Onboard privileged accounts and use cases into CyberArk.
• Evangelize centralized authentication and provisioning as we move toward greater adoption of SaaS and IaaS as well as modernizing a fleet of in-house developed applications.
• Collaborate and contribute to our enterprise Zero Trust strategy.
• Introduce standard methodologies and principles to enable consistent delivery and enable alignment with long-term direction.
• Identify areas for automation and application of DevOps principles.
• Work within a team of identity-focused individuals to create solutions to advance the security and usability of digital identity within the enterprise
• Work with an extended team of business functional owners, architects, operations, and support personnel to ensure that solutions are well formed to business needs, well-engineered, operable, supportable, and maintainable.
If a range of Career Levels is posted, i.e., Senior Associate to Senior Specialist, internal applicants already in one of the Career Levels would come across at their current Career Level. Internal applicants currently in a lower level Career Level would move to the lowest posted Career Level.
Requires a Q clearance; however all qualified candidates will be considered regardless of their current clearance status. The ability to obtain and maintain a Department of Energy Q clearance is required.
Position may require entry into Materials Access Areas (MAA) and participation in the Human Reliability Program (HRP). If HRP is required, candidate must complete a counterintelligence-scope polygraph, pursuant to 10CFR 709. Medical requirements may apply.
CNS is a drug-free workplace. Candidates accepting a job offer will be required to pass a pre-placement physical, drug screening and background investigation. As an employee, you may be required to receive and maintain a security clearance from the United States Department of Energy in order to meet eligibility requirements for access to sensitive information or matter. U.S. citizenship is a requirement for security clearance applicants. All employees are subject to being randomly selected for drug testing without advance notification.
CNS is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, gender, sexual orientation, gender identity, age, religion, national origin, ancestry, genetic information, disability or veteran status.