Job Description

TCI has an immediate need for a Senior Identity and Access Management (IDAM) Security Engineer in Colorado Springs, CO. This is not a Corp2Corp opportunity. This is a long-term contract opportunity with the probability of extension and possibility of hire. In addition to competitive, market-rate based pay, TCI provides all our Consultants with Comprehensive Medical/Dental Insurance, 401k, Life Insurance and Long-Term Disability benefits.
REMOTE WORK is available, Will need to be located near or in Colorado Springs CO, Southern VA, or San Antonio, TX to attend occasional meetings.
The senior IDAM Security Engineer will possess expertise in privileged access management and identity governance methodologies, best practices, and technologies. The Senior Security Engineer is responsible for role-mining, maintaining, administering, and supporting privileged access and identity governance solution, as well as ensuring that the security controls function is designed and in accordance with industry standards. The Security Engineer will install and configure CyberArk’s Privileged Access Security solution to monitor, detect, alert, and report privileged user activities and behaviors.
  • The candidate will support ongoing Identity and Access Management (IDAM) Projects and will actively participate in improving the overall security posture.
  • Lead the analysis and refinement of requirements, creation of technical documentation, product deployment and configuration, development of customized system enhancements and provide expert support.
  • Apply expertise in the installation and configuration of the CyberArk platform, including conducting routine solution maintenance activities, monitoring the health of the platform, and conducting daily proactive monitoring of the CyberArk production environment.
  • Monitor CyberArk to support any break fixes, upgrades, patches, and performance or integration related issues.
  • Maintain responsibility for scheduling periodic reports and addressing audit findings.
  • Support critical CyberArk functions, including maintenance, patch identification and publication, and upgrades of CyberArk and related modules.
  • Maintain responsibility for privilege user incident management support, user acceptance testing of privilege accounts, load testing, performance testing, and validation testing of the CyberArk solution.
  • Serve as an experienced technical resource for the team and customers in deployment, maintenance, and break/fix resolution of various technologies including, but not limited to: CyberArk Password Vault Web Access 11.x+, CyberArk Central Policy Manager 11.x+, CyberArk Privileged Session Manger 11.x+, CyberArk Digital Vault 11.x+, Microsoft Identity Manager 2016 SP2, Microsoft Active Directory, Public Key Infrastructure, Role-Base Access Control (RBAC), Multifactor authentication - PIV, CAC, Digital Badge, and/or OATH tokens (soft/hard).
  • 5-7 years of experience working in Identity and Access Management (IAM).
  • At least 3 years of working experience in deploying CyberArk Digital Vault, Password Vault Web Access, Central Policy Manager, and Privilege Session Manager to large enterprises.
  • Practical experience with Windows Certificate Authority PKI solutions, including Secure Socket Layer (SSL).
  • Bachelor’s Degree in a related field.
  • 3+ years of experience implementing, administering, and supporting privileged access and identity governance technologies and related infrastructure.
  • 3+ years of experience querying and binding objects in Lightweight Directory Access Protocol (LDAP).
  • 3+ years of experience administering Active Directory objects, architecture, and back-end infrastructure.
  • Familiarity with Microsoft Red Forest / Bastion.
  • Familiarity with network devices and architecture.
  • CISSP/CEH-level understanding of security methodologies pertaining to user access, authentication, and authorization.
  • Windows 2016 and 2019 Server OS installation, configuration, and deployment (MCSE certifications a plus).
  • Familiarity with diagnostic tools and analyzing data (Analyzing Error Logs).
  • 3+ years of proficiency with database querying languages and methods (SQL, MySQL, MongoDB, etc.).
  • Familiarity with Web 2.0 data parsing methods and protocols (REST, SOAP, OpenAPI, XML, JSON, etc.).
  • Demonstrable experience (at least two years working with enterprise production code) in applicable scripting languages (PowerShell, Javascript, Python, etc.).
  • Must possess or be able to obtain CyberArk Certified Deliver Engineer (CDE).
  • DoD 8570 Certified - IAT Level II or IAM Level II.
  • Relevant industry certifications highly desired (e.g., CISSP, CEH, CHFI, SSCP, CCSP, etc.).
  • Familiarity with ITIL, SDLC, and DevOps procedures and best practices (ITIL certifications a plus).
  • Excellent oral and written communication skills.
  • Must be able to obtain a Public Trust Security Clearance prior to start.

Application Instructions

Please click on the link below to apply for this position. A new window will open and direct you to apply at our corporate careers page. We look forward to hearing from you!

Apply Online