Deloitte Senior Consultant- IAM- Active Directory in Des Moines, Iowa
Deloitte Digital Identity Solution Delivery Lead We are looking for an experienced, passionate pioneer in technology - a solutions builder, a roll-up-your-sleeves technologist who wants a daily collaborative environment, think-tank feel and to share new ideas with your colleagues and who will help lead the way for our transformation of our Digital Identity platform.
Work you'll do
Multitask and switch gears to meet changing priorities and tasks to accomplish goals/objectives.
Work in a distributed team environment where team members are spread across numerous locations and often communicate virtually.
Support a flexible work schedule (to include nights and weekends on occasion).
Comfortable performing task lead responsibilities for small to medium software projects.
Hands on experience in directory administration (groups, OU, user management, replication)
Identifying and fixing errors / issues with the LDAP directories such as Active directory, Azure AD and UnboundID / Ping Directory.
Deloitte Advisory's Cyber Risk team helps complex organizations more confidently pursue their growth, innovation and performance agendas through proactive management of the associated cyber risks. Our professionals provide advisory and implementation services that integrate risk, regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient. TM cyber risk programs. Join the team developing the future state of cyber risk solutions. Learn more about Deloitte Advisory's Cyber Risk Services practice.
2 years plus experience in one or more of the following areas:
Windows Active Directory, Azure AD, Ping Directory (formerly UnboundID) server
Administration of any LDAP directories, API gateways or directory proxies
Experience with configuring directory servers, java plugins and replications in multi-master directory environments
Configuration and administration of Ping Data Governance or any other data governance products
Configuration of directory schema, password polices, XACML extensions, ACIs and directory plugins
Configuration of SCIM1.1 or SCIM2.0 protocols for provisioning
Experience with Ping Data Sync Engine to sync data between multiple diverse directories
Experience with Ping Data Governance configuration objects such as store adapters, SCIM resource types, Token validation and authorization policies
Understanding of basic network and infrastructure systems' design
Excellent Oral and Written Communication skills - ability to communicate complex technical concepts to cross-functional audiences.
Limited immigration sponsorship may be available
Travel up to 15% (While 15% of travel is a requirement of the role, due to COVID-19, non-essential travel has been suspended until further notice)
Bachelor's degree, preferably in Computer Science, Information Technology, Computer Engineering, or related IT discipline; or equivalent experience.
Experience installing, configuring and supporting Directory servers and Ping Data Governance
Hands on experience with integration, troubleshooting, log analysis, break-fix of above mentioned products and services
Identity Management familiarity in one or more of the following areas:
Single Sign On
Enterprise Directory Architecture and Design including directory schema, namespace and replication topology experience
Role Base Access Control
Attribute and Policy based Access Control (ABAC + PBAC)
Good understanding of Access Management processes - Defining Access policies, Configuring headers and access tokens and manage api credentials.
Working knowledge of Dev OPS tools, usage of directory APIs for scripting and automation of configs for migration and deployment
Troubleshooting of issues through analysis of logs through SIEM tools such as Splunk or SumoLogic
Experience integrating in one or more of the following areas:
Directory solutions (AD, Azure AD, Ping Directory)
Monitoring solutions (Splunk, Sumo Logic, RSA, others)
SSO solutions (SiteMinder, Ping Access, Ping Federate, others)
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.