IT Security Engineer (Identity & Access)

HRU Technical Resources is partnering with a major defense contractor to help hire an IT Security Engineer (Identity & Access) to support our Enterprise Identity Management Service. In this role, the candidate will leverage their experience in Identity and Access Management (IAM) to support systems infrastructure, hardware, and software.

Responsibilities:

• Analysis, planning, design, development, implementation, upgrades, and day-to-day operations.
• Maintaining and implementing federation services for both on-premise and cloud environments.
• Collaboration with application owners to extend single sign-on solutions to new and existing applications is a key aspect, along with working with SMEs and other engineers.

Required:

• This role will be under a major defense contractor. As such, all candidates must be eligible for a secret security clearance. Secret clearance eligibility requires US Citizenship (no exceptions) and the ability to pass a background check. Please note, clearance is not required for this role (only eligibility). This role is not open to C2C (corp2corp) or C2H (corp2hire).
• Over 6 years of experience in IT, including identity access management, large-scale global environments, and IT security.
• 2+ years of experience with Federation (single sign-on) application implementation (e.g., Ping Identity, Okta, Microsoft Azure), Linux Servers, Windows servers, and workstations.
• In-depth knowledge of SAML 2.0.
• Good communication skills.
• Ability to comprehend complex concepts.
• Ability to work independently and as a team.
• Experience with SIEM tool, preferably Splunk.
• Experience with troubleshooting Federation Logs.
• Experience with Active Directory and LDAP.
• Strong analytical and problem-solving skills, ability to learn new concepts quickly.
• Self-motivated with excellent interpersonal skills, strong work ethic, highly effective communicator.
• Excellent organizational skills.
• Experience with technical writing to create process documents, training, and formal documentation for compliance/audits.

Preferred:

• Experience troubleshooting Federation logs in a SIEM tool, preferably Splunk.
• In-depth knowledge of Ping Identity Products (e.g., PingFederate, PingOne, PingID, PingAccess).
• Bachelor's degree in CS, IT, or an Engineering discipline.
• In-depth knowledge of WS-Federation, OAuth 2.0.
• Knowledge of Identity Governance.
• Knowledge of compliance regulations (CMMC and FedRAMP).
• Agile project methodology.
• Knowledge of scripting or programming languages (PowerShell, JavaScript, Python).
• Knowledge of Multifactor Authentication (MFA) solutions as well as passwordless.
• General Networking Knowledge of large scale global environments (LAN, WAN, etc.).
• Knowledge of Exostar.

Education:

• High School Diploma or GED at a minimum. Higher level education (eg: Bachelor’s or Master’s in a relevant IT field) are preferred.

Other Info:

• This role will be on a 9/80 schedule. 9 hour work days (generally 8am to 6pm eastern time, every other Friday off).
• This role will be managed out of a facility in York, PA but is open to 100% remote employees. We prefer candidates who are located in the eastern time zone (but any candidates willing to work during the above mentioned hours are acceptable).
• There may be occasional overtime, any OT will be paid at 1.5x
• All candidates must pass a background check and drug screen for this role. Drug screen will include cannabis (regardless of candidate location, state laws, or medical cards).

EOE (including Disability/Veterans)