Job Description

Organization: Accenture Federal Services

Location:  San Antonio, TX

 

Accenture Federal Services, a wholly owned subsidiary of Accenture LLP, is a U.S. company with offices in Arlington, Virginia. Accenture's federal business has served every cabinet-level department and 30 of the largest federal organizations. Accenture Federal Services transforms bold ideas into breakthrough outcomes for clients at defense, intelligence, public safety, civilian and military health organizations.

 

We believe that great outcomes are everything. It’s what drives us to turn bold ideas into breakthrough solutions. By combining digital technologies with what works across the world’s leading businesses, we use agile approaches to help clients solve their toughest problems fast—the first time. So, you can deliver what matters most.

Count on us to help you embrace new ways of working, building for change and put customers at the core. A wholly owned subsidiary of Accenture, we bring over 30 years of experience serving the federal government, including every cabinet-level department. Our 7,200 dedicated colleagues and change makers work with our clients at the heart of the nation’s priorities in defense, intel, public safety, health and civilian to help you make a difference for the people you employ, serve and protect.

 

We are seeking an Identity & Access Management Cloud Engineer

Job Responsibilities:

 

·       Helping design, plan, implement and support strategic initiatives in Identity & Access Management for use by its CMPS team members and CMPS tenants.

·       Participate in requirements gathering sessions, support development of well-defined statements of work and specification documents, and support driving projects to successful deployment by leveraging internal resources.

·       As needed, perform comparative analysis of multiple technologies and vendor offerings to evaluate fit to function for incorporation into CMPS infrastructure.

·       Support CMPS security services to include SME role assisting Attribute-Based Access Control and Secure Token Service issuance.

·       Support requirements management, oversight, updates, discrepancy reports and requests for change (RFCs).

·       Coordinate/collaborate with stakeholders regarding policy, development and governance.

·       Support analysis of new IAM technologies.

·       Facilitate app enablement with IAM services.

·       Provide guidance regarding changes to the AD schema.

·       Manage and maintain standardized Organizational Units (OU) in AD.

·       Manage and maintain AD custom attributes and security groups.

·       Manage AD sites and subnets, including site replication.

·       Manage and maintain group policy, and scripts associated with group policy, to secure the IT infrastructure and grant necessary resources to staff and tenant users, consistent with job requirements (i.e. server, common Microsoft products such as SharePoint, Teams and other group policies as requested).

·       Create and maintain a Group Policy Map to indicate what each group policy does, what resource(s) is (are) affected and understand the effect of any change to group policy.

·       Manage the AD database, System Volume (SYSVOL).

·       Monitor Domain Controllers to prevent outages and/or restore service in a timely manner, analyze the policies currently monitored, and make recommendations as needed to provide meaningful alerts for action.

·       Audit changes to accounts, group policy, and other changes to AD with enterprise auditing tools.

·       Maintain a listing of all service accounts, the applications and servers which use them, and the unit responsible for the accounts.

·       Provision, modify, and deprovision user and administrator accounts for CMPS upon receipt of approved access or deprovisioning request, based upon location, role, or both.

·       Make necessary adjustments to security controls to grant only that access to IT resources required for job performance.

·       Manage user profiles, including access to share drives, OU assignment, password reset, and general directory cleanup at regular intervals.

·       Manage and maintain delegation of permissions.

·       Follow CMPS policy and procedures for account management to create, modify, or delete accounts and account permissions.


Smart New Digital Services for Schneider Electric
Read More

Qualifications

Basic Qualifications: 

·       5 years’ experience in architecting IAM solutions leveraging industry leading products in one or more of the following: CA SiteMinder, Tivoli Identity Management ForgeRock Identity Management, OneLogin or SailPoint IQ.

·       5 years’ experience in working with Microsoft Active Directory including user account management and implementation of services to Microsoft-Based Platforms.

·       5 years AD Security & Design Architecture

·       3 years’ experience implementing IAM solutions in cloud environments on AWS and Azure platforms.

·       3 years’ experience in working with requirements teams translating IAM business processes including user provisioning and access management with knowledge of authentication and federation protocols including SAML (different implementations and flavors Oauth, MiniOrange, etc.) and ADFS.

·       3 years Encryption, RHEL Linux or variant distributions, Firewalls/WAF experience.

·       Highly proficient in the core IAM principles including identity provisioning, authentication and authorization services, and implementation of directory services.

·       Experience supporting authentication services including firewall and web services, Kerberos constrained delegation, and single sign on.

·       Possess a broad understanding of web services including troubleshooting internal and external sources. Must include an understanding of protocols for web traffic, troubleshooting, and diagnosing of connectivity issues.

·       Requires working knowledge of Privileged Account Management (PAM) system and application administration.

·       Experience with Lightweight Active Directory Protocol (LDAP) and Secure Lightweight Active Directory Protocol (LDAPS).

·       General understanding of Structured Query Language (SQL), PowerShell and Python.

·       General understanding of RSA management and support.

·       Understanding of Attribute-Based Access Control design patterns as implemented by various vendors.

·       US Citizen

 

 

Preferred Qualifications:

·       Bachelor’s degree

·       Experience designing and managing IAM schemas to support a Managed Service Provider (MSP) structure in both a single and multi-tenant model.

·       Experience with ITIL processes

·       Experienced in deploying solutions in federal environments including knowledge of NIST, FISMA, FedRAMP and/or DoD regulations.

·       Working knowledge of Service Now Ticket Management Systems

·       Security+ Certification, MCSE, MCSA, CISSP, CISM, or greater

 

 

 

 

An active security clearance or the ability to obtain one may be required for this role.

Candidates who are currently employed by a client of Accenture or an affiliated Accenture business may not be eligible for consideration.

Applicants for employment in the US must have work authorization that does not now or in the future require sponsorship of a visa for employment authorization in the United States and with Accenture (i.e., H1-B visa, F-1 visa (OPT), TN visa or any other non-immigrant status).

Accenture is a Federal Contractor and an EEO and Affirmative Action Employer of Females/Minorities/Veterans/Individuals with Disabilities.

Equal Employment Opportunity

All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.

Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process.

Accenture is committed to providing veteran employment opportunities to our service men and women.

 

All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.

Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process.

Accenture is committed to providing veteran employment opportunities to our service men and women.

Stay Connected

Join our Team

Join Our Team

Search open positions that match your skills and interest. We look for passionate, curious, creative and solution-driven team players.

Keep up to date

Keep Up to Date

Stay ahead with careers tips, insider perspectives, and industry-leading insights you can put to use today–all from the people who work here.

Stay Connected

Stay Connected

Receive job alerts, latest news and insider tips tailored to your preferences. See what exciting and rewarding opportunities await.