Identity and Access Management Engineer (Infrastructure Specialist 2)

Schedule: Full-time

What you'll do:

Under the direction of the IOP Identity Systems Administrator, acts as team member of the IOP State Identity Team and resolves platform incidents related to Identity and Access Management (IAM) and/or Enterprise User Lifecycle Management (ULM).

Oversees the technical integration between IOP's Identity suite and the State's Active Directory instance.

Directly triages and resolves incidents, questions, issues, access requests, tasks as assigned as is related to:

IOP’s self service offerings (ex.: Citizen Invite, Audience Manager, Custodian Account Module, Privileged Access Management, External Workforce, Contractor Module).

User Account Lifecycle Management (ex.: modifies attributes, converts accounts)

Proactively monitors OH ID and Active Directory components for state workforce onboarding and offboarding functions to address provisioning issues before they are reported.

Responsible for configurations in Active Directory that impact user lifecycle with IOP’s identity environment.

Works in close coordination with Active Directory and OAKS teams on continuous configuration and application changes to mitigate impact and ensure steady-state services.

As assigned, assists agencies and/or higher-level staff with identity federation issues.

Works closely with agency IT professionals to ensure understanding of and are trained on IOP’s self-service software offerings.

Assists in root-cause analysis to isolate incidents and problems for critical IOP events.

Works closely with the State Operations teams to manage initial incident triage, problem record management, and aging tickets.

Coordinates with other technology teams (IOP Operations, DAS ISD, DAS OAKS, DAS OISP, agencies) to resolve complex issues. Assists in notifying/briefing the CSC/OISP on IOP major incidents. Maintains documentation of and recommends changes in processes or procedures to meet customer needs

Evaluates and/or researches hardware and/or software solutions and provides feedback to project team or higher-level staff

Assesses and advises IAM/ULM risk profile for agency applications interfacing with IOP identity platform.

Writes and maintains high level computer scripts & reports written in Korn Shell, Bourne Shell, C Shell, Perl, Powershell, Java, Javascript

Interfaces and/or performs work with other platforms from a hardware and/or software perspective.

Promotes system security and awareness by adhering to the Agency’s and/or State’s IT security policy(s) and Standards.

Responds to security incidents per agency policy/procedure. Stays current regarding new technologies, standards, and techniques.

Answers questions and presents informal mentorship opportunities to peers and/or lower level staff via conversation, observation, or technical documentation.

Minimum Qualifications:

48 mos. combined work experience in any combination of the following: installing, monitoring/maintaining, configuring, upgrading, &/or administering/operating multiple technology domains including 12 mos. work experience in the primary technology specified by the agency in the position description & job posting.

-Or completion of associate core program in computer science or information systems; 30 mos. combined work experience in any combination of the following: installing, monitoring/maintaining, configuring, upgrading, &/or administering/operating multiple technology domains including 12 mos. work experience in the primary technology specified by the agency in the position description & job posting.

-Or completion of undergraduate core program in computer science or information systems; 24 mos. combined work experience in any combination of the following: installing, monitoring/maintaining, configuring, upgrading, &/or administering/operating multiple technology domains including 12 mos. work experience in the primary technology specified by the agency in the position description & job posting.

-Or equivalent of minimum class qualifications for employment noted above. Note: The official position description on file with the designated agency is to reflect the required, primary technology directly relating to the duties of the position. Only those applicants possessing the experience in the required, primary technology listed in the position description & job posting are to be considered for any vacancies posted. The job posting must list the required technology commensurate with the position in question.

Job Skills: Information Technology

Primary Technology: Identity and Access Management

Knowledge:

Identity and Access Management principles

IBM Security Identity Manager (ISIM) – Lifecycle Management of User Identities

IBM Security Verify (ISV) and IBM Security Verify Governance (ISVG)

Enterprise Active Directory

ITIL principles

Skills:

Scripting – Microsoft PowerShell and/or Java

Forefront Identity Manager – De- sign, configure and management of Identity Lifecycle Management.

Application/infrastructure operations support

Incident and Problem Management

Issue and incident analysis and resolution

Abilities:

Critical thinking and problem solving

Communicate effectively orally & in writing with diverse groups