Defense Point Security
  • San Antonio, TX, USA
  • Full Time

Do you want to work for a company that is passionate about security and has a fun, start-up culture with large company perks? Do you want to be in an environment where you will continuously learn new skills, grow and take on new opportunities due to the abundance of new projects on the horizon?

If you answered yes to these questions, this opportunity could be for you! 

Defense Point Security offers a competitive benefits package to include:

  • Medical, Dental, Vision Insurance Premiums are 100% paid by DPS for employee and eligible dependents
  • Personal Accident Insurance paid by DPS
  • Life Insurance paid by DPS
  • Short- and Long-Term Disability Insurance paid by DPS
  • 401k Contribution Matching and 100% vested after 90 days
  • Flexible Spending Accounts 
  • Commuter Assistance
  • Paid Time Off starting at 3 weeks a year (15 days)
  • 10 paid Federal Holidays
  • Capital BikeShare Membership for DC Metro Area
  • Reimbursement for qualifying training expenses
  • Flexible / Alternative Work Schedules

Defense Point Security is currently seeking an Identity & Access Management Cloud Engineer in San Antonio, TX.

Job Responsibilities:

  • Help design, plan, implement and support strategic initiatives in Identity & Access Management for use by its CMPS team members and CMPS tenants.
  • Participate in requirements gathering sessions, support development of well-defined statements of work and specification documents, and support driving projects to successful deployment by leveraging internal resources.
  • As needed, perform comparative analysis of multiple technologies and vendor offerings to evaluate fit to function for incorporation into CMPS infrastructure.
  • Support CMPS security services to include SME role assisting Attribute-Based Access Control and Secure Token Service issuance.
  • Support requirements management, oversight, updates, discrepancy reports and requests for change (RFCs).
  • Coordinate/collaborate with stakeholders regarding policy, development and governance.
  • Support analysis of new IAM technologies.
  • Facilitate app enablement with IAM services.
  • Provide guidance regarding changes to the AD schema.
  • Manage and maintain standardized Organizational Units (OU) in AD.
  • Manage and maintain AD custom attributes and security groups.
  • Manage AD sites and subnets, including site replication.
  • Manage and maintain group policy, and scripts associated with group policy, to secure the IT infrastructure and grant necessary resources to staff and tenant users, consistent with job requirements (i.e. server, common Microsoft products such as SharePoint, Teams and other group policies as requested).
  • Create and maintain a Group Policy Map to indicate what each group policy does, what resource(s) is (are) affected and understand the effect of any change to group policy.
  • Manage the AD database, System Volume (SYSVOL).
  • Monitor Domain Controllers to prevent outages and/or restore service in a timely manner, analyze the policies currently monitored, and make recommendations as needed to provide meaningful alerts for action.
  • Audit changes to accounts, group policy, and other changes to AD with enterprise auditing tools.
  • Maintain a listing of all service accounts, the applications and servers which use them, and the unit responsible for the accounts.
  • Provision, modify, and deprovision user and administrator accounts for CMPS upon receipt of approved access or deprovisioning request, based upon location, role, or both.
  • Make necessary adjustments to security controls to grant only that access to IT resources required for job performance.
  • Manage user profiles, including access to share drives, OU assignment, password reset, and general directory cleanup at regular intervals.
  • Manage and maintain delegation of permissions.
  • Follow CMPS policy and procedures for account management to create, modify, or delete accounts and account permissions.

Job Qualifications:

  • This position requires US Citizenship due to our Federal contractual obligation
  • 5 years' experience in architecting IAM solutions leveraging industry-leading products in one or more of the following: CA SiteMinder, Tivoli Identity Management, ForgeRock Identity Management, OneLogin or SailPoint IQ.
  • 5 years' experience in working with Microsoft Active Directory including user account management and implementation of services to Microsoft-based platforms.
  • 5 years AD Security & Design Architecture
  • 3 years' experience implementing IAM solutions in cloud environments on AWS and Azure platforms.
  • 3 years' experience in working with requirements teams translating IAM business processes including user provisioning and access management with knowledge of authentication and federation protocols including SAML (different implementations and flavors OAuth, MiniOrange, etc.) and ADFS.
  • 3 years Encryption, RHEL Linux or variant distributions, Firewalls/WAF experience.
  • Highly proficient in the core IAM principles including identity provisioning, authentication and authorization services, and implementation of directory services.
  • Experience supporting authentication services including firewall and web services, Kerberos constrained delegation, and single sign on.
  • Possess a broad understanding of web services including troubleshooting internal and external sources. Must include an understanding of protocols for web traffic, troubleshooting, and diagnosing of connectivity issues.
  • Requires working knowledge of Privileged Account Management (PAM) system and application administration.
  • Experience with Lightweight Active Directory Protocol (LDAP) and Secure Lightweight Active Directory Protocol (LDAPS).
  • General understanding of Structured Query Language (SQL), PowerShell and Python.
  • General understanding of RSA management and support.
  • Understanding of Attribute-Based Access Control design patterns as implemented by various vendors.

Preferred Qualifications:

  • Bachelor's degree
  • Experience designing and managing IAM schemas to support a Managed Service Provider (MSP) structure in both a single and multi-tenant model.
  • Experience with ITIL processes
  • Experienced in deploying solutions in federal environments including knowledge of NIST, FISMA, FedRAMP and/or DoD regulations.
  • Working knowledge of ServiceNow Ticket Management Systems
  • Security+ Certification, MCSE, MCSA, CISSP, CISM, or greater


Job Location: San Antonio, TX

Position Type: Full Time / Regular

All candidates must be clearable.

To see other locations please see the Security Engineering Career Menu on

Defense Point Security is an Equal Opportunity / Affirmative Action Employer. We are committed to hiring and retaining a diverse Community workforce. DPS gives equal consideration to all qualified candidates without regard to race, color, religion, creed, gender identity, national origin, sex, pregnancy, marital status, age, sexual orientation, disability, veteran status, or any other protected class. 

