Federal Reserve Bank Engineer - Identity & Access Management in Boston, Massachusetts

Department Information:

The Network Security Services department at the Boston Fed consists primarily of information technology (IT) professionals focused on delivering to the plan/build/run model within the National IT organization. As part of this nationwide network of information security experts, you will partner with colleagues throughout the Federal Reserve System for this dynamic and important work. The role of Network Security Services is to offer highly secure and highly available connectivity between Reserve Banks and the internet and to provide System-wide capabilities that enable other IT applications to function more effectively. Network Security Services strives to be a thought leader delivering innovative, seamless technology and System security to protect data, applications, and users regardless of their location.

Job Summary: The incumbent will be working in a mission-critical security team at the Federal Reserve System (FRS). The Directory Services team is part of the Identity and Access Management (IAM) national IT organization that supports all Federal Reserve Banks and provides secure, enterprise IAM services to the Federal Reserve. This position is responsible for planning and executing authentication, authorization and identity management solutions that meet the business needs and support the mission of the Federal Reserve Bank. The IAM Lead Engineer will work in a collaborative, dynamic, cross-functional team environment of security professionals to help advance the modernization of IAM capabilities for the Federal Reserve.

Principal Accountabilities: • Provides integration and implementation of directory services and IAM solutions, with a focus on technologies such as Active Directory and LDAP products, identity correlation and synchronization services, and single-sign on/federated identity technologies, while in compliance with service level agreements, Federal Reserve System standards, and security and technology industry best practices. • Participate in design reviews and design development as directory services/IAM subject matter expert; provide input to design where needed and help plan execution of designs to transition work into implementation phase. • Lead the implementation of new IAM services or capabilities, directory service releases and improvements. This entails requirements validation, research, project planning, installation, configuration, security hardening, documentation, testing, automation, troubleshooting and knowledge transfer. • Provides consultation to FRS business lines and IT peers in order to evaluate and implement technical solutions and process improvements in areas related to Identity and Access Management • Communicate and work directly with stakeholders, customers, subject matter experts and colleagues across the Federal Reserve System on projects, issues and events • Occasional after hours and weekend work will be required in order to perform tasks and maintenance that cannot be done during business hours

Other Accountabilities: Perform other duties as assigned.

Supervision: This position is not required to directly supervise others.

Minimum Qualifications: • Knowledge and experience normally acquired through, or equivalent to, the completion of a Bachelor’s degree, preferably in an IT field, and a minimum of 3 years of job related IAM experience • Individual must be proficient in directory services and IAM technologies such as IAM cloud services/IDaaS, Active Directory, LDAP, Meta-directory and Virtual Directory technologies, SSO/Federation/Security Token Services, PKI • Knowledge or experience with Linux or Windows operating systems, networking (i.e. load balancing, DNS, firewalls, etc.) and relational databases (e.g. SQL) • Proficient in one or more scripting languages such as Perl, Java, JavaScript, XML, PowerShell, MS .NET Framework, Python • Working knowledge of authentication industry standards and protocols (SAML, OAuth, LDAP, Kerberos, Open ID Connect, etc.) • Ability to work with little supervision and manage multiple tasks/assignments • Strong analytical problem solving and root cause analysis skills • Eagerness to learn and an ability to pick up new things quickly • Must possess the ability to work as a team member with globally distributed and cross-functional teams • Must have strong written and verbal communication skills and customer service skills

Preferred Qualifications: • Working knowledge of Identity Management and Access Control suite products from leading vendors such as Microsoft, IBM, Oracle, Sailpoint, etc. • Familiarity with modern Identity and Access Management concepts and best practices • Experience planning, designing and/or configuring hardened security controls, standards and/or processes to mitigate risks to IAM systems • Knowledge or experience integrating with, or migrating to IAM cloud-based services • Experience with REST APIs is a plus • Knowledge and/or experience with Access Rights Management, Data Access Governance and information protection technologies is a plus • Cloud, Security and Information Technology Certifications (e.g.: MCSE/MCSA, CISSP/CCSP, AWS) is a plus.

Additional Information: Occasional travel including overnight stays may be necessary.

/All employees assigned to this position will be subject to FBI fingerprint/ criminal background and Patriot Act/ Office of Foreign Assets Control (OFAC) watch list checks at least once every five years./

/The above statements are intended to describe the general nature and level of work required of this position. They are not intended to be an exhaustive list of all duties, responsibilities or skills associated with this position or the personnel so classified. While this job description is intended to be an accurate reflection of this position, management reserves the right to revise this or any job description at its discretion at any time./

Organization: *Federal Reserve Bank of Boston

Title: Engineer - Identity & Access Management

Location: MA-Boston

Requisition ID: 256580