11/7/2017 District of Columbia

Details

OCTO- SAML, SSO, MFA SecEng

515110

District of Columbia

ITCV1 : 4-Master

OCTO- SAML, SSO, MFA SecEng

Open

District of Columbia

1

11/27/2017

11/13/2017

4

200 I Street SE, Washington DC

Both Webcam and In Person

No

No

0

Contract

The Identity and Authentication Security Engineer will be responsible for technical supportto security technologies supporting implementation and operations of multi-layer secureauthentication infrastructure (SAML, SSO, MFA).

The primary role of the Identity and Access Management Security Engineer will be theimplementation, deployment and maintenance of the Secure Authentication, AccessManagement Systems, and Identity as a Service (IDaaS) technologies. Specifically, he/shewill implement, deploy and maintain one or more of the following Security Assertion MarkupLanguage (SAML) and Single Sign On (SSO) technologies: SecureAuth, Microsoft, CiscoACS, OneLogin. He/she will Partner with system and application teams to develop/createEnterprise Architecture integration strategies that allow secure access across districtprograms and applications. Provide support services to define security requirements,

Title:

Req ID:

Region:

Requisition Details

Req. Class:

Title:

Req. Status:

Region:

No. of Openings:

Start Date:

No New SubmittalsAfter:

Max Submittals byVendor per Opening:

Worksite Address:

Agency InterviewType:

Advanced TechnicalScreening Required?:

Existing IncumbentResource?:

No. Filled:

Requisition Description

Engagement Type:

Short Description:

Complete Description:

11/7/2017 District of Columbia

Required/Desired Skills

identify the appropriate configuration for each unique District environment, and performtasks associated with the day-to-day operations and maintenance on installed CyberSecurity systems and applications. Required Skills • Experience with SecureAuthentication, Access Management Systems, and Identity as a Service (IDaaS)technologies deployment and operation • Experience with Security Assertion MarkupLanguage (SAML) and associated Single Sign On (SSO) technologies: SecureAuth,Microsoft, Cisco ACS, OneLogin • Experience with Active Directory, LDAP, Radius, NTLM,SAML, AADL, IWA and Open directory platform • Experience with Wireless Authentication,OTP and multi-factor authentication platforms • Experience with strong authenticationtechnologies and protocols (PKI, S/Mime, SSL) • Experience with Managed Public KeyInfrastructure (PKI) Solution, deployment and operation • Troubleshooting, Scanning &Analysis tools • Networking and Network Operations Qualifications • Bachelor of Science inElectrical Engineering, Computer Science, Information Technology, or equivalent datasecurity and networking experience required • CISSP, CISM, or relevant Vendortraining/certification preferred • Background check and credit check will be requiredExperience and Skills Specific knowledge, skills, and abilities required by the incumbent tosuccessfully fulfill the Major Duties and perform the Tasks required for this position include:• Server Administration background – Windows and/or Linux/Unix • Knowledge of networksecurity architecture concepts, including topology, protocols, components, and principles(e.g., application of defense-in-depth). • Knowledge of defense-in-depth principles andnetwork security architecture. • Knowledge of communication methods, principles, andconcepts that support network infrastructure • Skill in implementing the methods,standards, and approaches for describing, analyzing, and documenting an organization'senterprise IT architecture • Skill in analyzing and securing an enterprise architecture •Knowledge of engineering concepts • Skill in integrating and supporting information systemsecurity architecture Specific Tasks • Analysis, design, configuration, implementation,documentation and operation of Intrusion Prevention System devices. • Manage systemdeployments, upgrades, ongoing maintenance and operations. • Configuration andoperation of security device authentication, management & logging platforms. • Assist inrequirement gathering related to implementation of security infrastructure technologysolutions across enterprise and service provider networks. • Provide Tier3 support for NOCpersonnel troubleshooting network issues. • Identify, troubleshoot, and resolve complexnetwork connectivity issues as well as advise on network security related issues. • Provideoccasional off-hours support for planned maintenance work and unplanned support issues.May occasionally require on-site work at a data center during off-hours. TravelRequirements: • No travel anticipated --------------------------------------------- CONTRACT JOBDESCRIPTION Responsibilities: 1. Coordinates IT project management, engineering,maintenance, QA, and risk management. 2. Plans, coordinates, and monitors projectactivities. 3. Develops technical applications to support users. 4. Develops, implements,maintains and enforces documented standards and procedures for the design,development, installation, modification, and documentation of assigned systems. 5.Provides training for system products and procedures. 6. Performs application upgrades. 7.Performs, monitoring, maintenance, or reporting on real- time databases, real-time networkand serial data communications, and real-time graphics and logic applications. 8.Troubleshoots problems. 9. Ensures project life-cycle is in compliance with Districtstandards and procedures. Minimum Education/Certification Requirements: Bachelor’sdegree in Information Technology or related field or equivalent experience

OCTO - 200 I Street, SEWashington DC 20003

OCTO - Office of the ChiefTechnology Officer

Prior experience as technicalsupport to security technologiesfor implementation, evolution andoperations of the authenticationinsfrastructure

Required 5 Years

Experience with Secure Required 5 Years

Skill Required /Desired Amount of Experience

Client Information

Work Location: Cost Center:

Required /Desired

11/7/2017 District of Columbia

Authentication Systems,deployment and operation

Experience with Managed PublicKey Infrastructure (PKI) Solution,deployment and operation

Required 5 Years

Experience with strongauthentication technologies andprotocols

Required 5 Years

Prior hands on experience withSSL

Required 5 Years

Experience with Active Directory Required 5 Years

Experience with LDAP Required 5 Years

Experience with Radius Required 5 Years

Experience with NTLM Required 5 Years

Experience with SAML Required 5 Years

Experience/familiarity with one ormore of these technologies: RSASecure ID, Cisco ACS,SecureAuth, OneLogin, Okta

Required 5 Years

16+ yrs planning, coordinating,and monitoring project activities

Required

16+ yrs leading projects, ensuringthey are in compliance withestablished standards/procedures

Not Required

Bachelor’s degree in IT or relatedfield or equivalent experience

Required

Question 1 Absences greater than two weeks MUST be approved by CAI management in advance, and contactinformation must be provided to CAI so that the resource can be reached during his or her absence. TheClient has the right to dismiss the resource if he or she does not return to work by the agreed upon date.Do you accept this requirement?

Question 2 Please list candidate's email address that will be used when submitting E-RTR.

Question There are no reimbursable expenses. Do you accept this requirement?

Question Has the candidate worked as and Engineer or Integrator (not PM) in the past 18 months forSSO/MFA/TFA projects using Security Assertion Markup Language (SAML) technologies: SecureAuth,Microsoft, Cisco ACS, OneLogin.

Description

Questions