Remote Delinea Jobs (NOW HIRING)

Authentication & Access Management Sr. Engineer/Architect

The Identity & Access Management (IAM) team is looking for an Authentication & Access Management Sr. Engineer/Architect to implement the next-generation Identity solution for enterprise users.

General requirements:

• The person must be able to work in a team and independently.
• Able to understand the business requirements and convert them into technical artifacts.
• Able to work based on US Eastern or Central time zone.
• 100% remote work
• Team player

Position Summary:

The Identity & Access Management (IAM) Authentication & Access Management Sr. Engineer/Architect will join the team of Identity & Access Management (IAM) Architecture that is responsible to design & architect the Authentication & Access Management technology and solution in the Enterprise IAM space.

The person is responsible for the roadmap and enabling the next gen solution. The person is responsible to work with all different stakeholders and deliver IAM Authentication & access management solution design as per business requirements that includes Proof of Concept (POC) and documentation.

Technical requirements:

• Overall 15+ years of hands-on working experience in the Identity and Access Management area at the enterprise level.
• The person must be able to understand and gather business requirements, translate them to technical requirements and design the solution to meet the tactical and strategic approaches.
• The person must be able to produce architectural patterns and solution design documents.
• A hands-on technical experience is required to conduct the POC and solution design in a development environment.
• Must have the ability to lead the discussion with various folks including business, engineering, and operation teams.
• The person must be an expert in Authentication & Access Management area and related technology.
• Authentication space (12+ years):
• Multi-factor authentication (MFA) including password less MFA
• Security knowledge of various technology & protocols - FIDO, PKI, Mobile MFA, OTP, FIDO key, Biometric authentication, behavior & risk-based authentication
• Implementation experience of different solutions with web, mobile, computer (laptop, etc.), infrastructure, and API authentication use cases.
• Mobile security knowledge is a plus.
• Must have LDAP and Active Directory integration experience.
• Access Management space (10+ years):
• Expert level experience of Identity Federation & Single Sign-On (SSO)
• Expert knowledge of implementing SAML, OpenID Connect (OIDC), and OAuth 2.0
• Must have the experience of building the policy driven access control using orchestration including continuous access control
• Identity gateway (proxy) and similar implementation knowledge
• Integration with cloud and on-premises systems including Azure AD, GCP, Salesforce, etc.
• Zero Trust space (2+ years):
• Knowledge of zero trust concept
• Should have working experience building zero trust solution using ZScaler or equivalent product.
• A good understanding of network security, application firewall, application proxy and data protection including CASB solution.
• Privileged Access Management (2+ years):
• Should have working experience in Password vault, platform access, endpoint access, and elevated access control.
• Should have working experience in enabling PAM solutions for servers, databases, Kubernetes, Cloud PaaS, Cloud IaaS, and other systems with a good understanding of PAM security controls.
• Should have REST API and JSON working experience.
• Working knowledge of some of the IAM products is required.
• PingIdentity (PingFederate, PingMFA, PingRisk, Davinci), ZScaler, Delinea, BeyondTrust, ForgeRock, SiteMinder, Entra ID, etc.
• Preferred:
• CISSP certification
• Development experience in any of the technologies, Java, Powershell, etc.
• Azure and GCP cloud experience are a plus.
• Required Skills:
• Technology Requirements:
• Java Development: Experience with Java-based development in microservices architectures.
• API Integration: Strong knowledge of working with RESTful APIs, especially in integrating IAM solutions like Ping.
• Web Application: Development of front-end portals and back-end services for IAM (e.g., self-service password management).
• IAM Core Knowledge: A solid understanding of IAM concepts, even if the candidate is not an expert in Ping Identity. They should be able to work with Ping Identity APIs to integrate various authentication and authorization processes.
• Microservices: Experience working with microservices and implementing them in IAM-related systems.