The candidate will work with the engineering team to assist in developing the architecture, design and standards of Identity Management infrastructures including Active Directory, SAML, ADFS, FIM, Azure, Meta-Directories, Enterprise Authentication, Single Sign-on and Provisioning systems. The candidate will assist in establishing standards for directory and application integration as well as implementing solutions to successfully integrate new technology with existing and new architectures.
The candidate must have senior engineering experience with Microsoft Active Directory, ADFS, FIM, O365 integration/migration, possess strong communication skills, and have the desire to learn the complexities of state government IT. The candidate will support and adhere to the guidelines, policies, and procedures for incident, problem, configuration and change management. As well as support ITIL Service Delivery processes.
Enterprise level Active Directory 2008/2012 experience in a large end-user environment (20K+ users)
Experience designing, implementing and supporting Identity Management/Directory Services technology within a large-scale environment
Strong knowledge & experience with Microsoft IAM Technologies including Active Directory Federation Services (ADFS) & MS Identity Management (FIM/MIM)
Hands-on experience with cloud computing services (O365/Microsoft Azure)
Extensive experience leading and designing Active Directory migrations, complex configuration scenarios and upgrade projects
Strong knowledge of the different authentication protocols: Kerberos, LDAP, RADIUS, SAML, OAuth
Understanding of what it takes to enable single-sign on in a heterogeneous IT environment
In depth knowledge of Active Directory 2008/2012, specifically around how identities are managed & applications are integrated for authentication
Experience developing policies, procedures, and technical training materials
Experience deploying and maintaining Active Directory Federation Services to enable single sign-on with claim-based applications
Hands-on experience with Microsoft Public Key Information Server (PKI)
Extensive experience managing/deploying Windows Servers 2008/2012, including VMware and Hyper-V virtual installations
Networking skills, especially around firewalls, reverse proxy and VPN access
Some basic programming skills, especially around how applications authenticate and authorize access independently of the programming language used