Deloitte Active Directory-Senior Consultant in Arlington, Virginia
Deloitte Digital Identity Sr Solution Delivery Lead
We are looking for an experienced, passionate pioneer in technology - a solutions builder, a roll-up-your-sleeves technologist who wants a daily collaborative environment, think-tank feel and to share new ideas with your colleagues and who will help lead the way for our transformation of our Digital Identity platform.
Work you'll do
• Multitask and switch gears to meet changing priorities and tasks to accomplish goals/objectives.
• Work in a distributed team environment where team members are spread across numerous locations and often communicate virtually.
• Support a flexible work schedule (to include nights and weekends on occasion).
• Comfortable performing task lead responsibilities for small to medium software projects.
• Hands on experience in directory administration (groups, OU, user management, replication)
• Identifying and fixing errors / issues with the LDAP directories such as Active directory, Azure AD and UnboundID / Ping Directory.
Deloitte Advisory's Cyber Risk team helps complex organizations more confidently pursue their growth, innovation and performance agendas through proactive management of the associated cyber risks. Our professionals provide advisory and implementation services that integrate risk, regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient. TM cyber risk programs. Join the team developing the future state of cyber risk solutions. Learn more about Deloitte Advisory's Cyber Risk Services practice.
• 2 years plus experience in one or more of the following areas:
o Windows Active Directory, Azure AD, Ping Directory (formerly UnboundID) server
o Administration of any LDAP directories, API gateways or directory proxies
o Experience with configuring directory servers, java plugins and replications in multi-master directory environments
o Configuration and administration of Ping Data Governance or any other data governance products
o Configuration of directory schema, password polices, XACML extensions, ACIs and directory plugins
o Configuration of SCIM1.1 or SCIM2.0 protocols for provisioning
o Experience with Ping Data Sync Engine to sync data between multiple diverse directories
o Experience with Ping Data Governance configuration objects such as store adapters, SCIM resource types, Token validation and authorization policies
• Understanding of basic network and infrastructure systems' design
• Excellent Oral and Written Communication skills - ability to communicate complex technical concepts to cross-functional audiences.
• Limited immigration sponsorship may be available
• Ability to travel 15%, on average, based on the work you do and the clients and industries/sectors you serve.
• Bachelor's degree, preferably in Computer Science, Information Technology, Computer Engineering, or related IT discipline; or 2+ Years of equivalent experience.
• Experience installing, configuring and supporting Directory servers and Ping Data Governance
• Hands on experience with integration, troubleshooting, log analysis, break-fix of above mentioned products and services
• Identity Management familiarity in one or more of the following areas:
o Single Sign On
o Identity Federation
o Enterprise Directory Architecture and Design including directory schema, namespace and replication topology experience
o Role Base Access Control
o Attribute and Policy based Access Control (ABAC + PBAC)
• Good understanding of Access Management processes - Defining Access policies, Configuring headers and access tokens and manage api credentials.
• Working knowledge of Dev OPS tools, usage of directory APIs for scripting and automation of configs for migration and deployment
• Troubleshooting of issues through analysis of logs through SIEM tools such as Splunk or SumoLogic
• Experience integrating in one or more of the following areas:
o Directory solutions (AD, Azure AD, Ping Directory)
o Monitoring solutions (Splunk, Sumo Logic, RSA, others)
o SSO solutions (SiteMinder, Ping Access, Ping Federate, others)
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.