2163 Identity & Access Management Support Engineer

The Gap Inc.

Company Type

Identity & Access management support engineer – Information security

Hyderabad, India


Gap Tech drives innovative retail, e-commerce and global enterprise technology for our headquarters operations and our five iconic brands across the world. We push boundaries. We challenge the status quo. Innovation sits at the core of everything we do. And we’re not here just to execute; we’re here to learn and grow. As individuals, we’re passionate, diverse, innovative and wickedly talented. As a team, we’re making amazing things happen in our offices, our stores and our communities. We are diversifying our talent globally, and expanding our reach by opening a technology hub in Hyderabad, India.  Growing over time, this center will become critical in enabling technology that powers Gap Inc. business globally.

Summary: The Identity & Access Management enforces least privilege access per business needs using the appropriate mix of authentication, access, and audit controls. IAM deliver access rights consistently through hire/fire/role change events. It establishes least privilege, role based access control and consistently maintains user identity and accessibility across the enterprise

The GapTech team is chartered with driving revenue and profit growth in Gap’s online and direct channel business through the development and implementation of analytics, decision support systems, and predictive models for profit maximizing analytical processes.

Infosec SecOps engineers and operates all on-premise security technology used to protect Gap Inc. information assets. We deliver technical security capabilities to GapTech customers that minimize threats to the business. We drive the security technology roadmap, improving and enhancing GapTech ability to protect, detect, and respond to technical threats.

The SecOps IAM team is looking for enthusiastic and security minded developers. Potential candidates tend to be curious learners, apply their skills to understand the challenge provided to solve, build and maintain a robust IDM solution. Candidates will also need to have knowledge of directories, databases and cloud (SaaS/PaaS) integrations.

Capabilities & Requirements:

Key Requirements

Develop and support highly automated, reliable and available IAM solutions

Develop and support Identity Management system

Develop and Support SSO Federation (SAML/OAuth/OpenID-Connect) solutions for internal applications and externally-hosted SaaS applications

Support PKI solutions for internal applications, devices, systems and manage PKI systems.

Implement and support Privileged Access Management solution using Thycotic Secret Server

Understand existing authentication and federation ecosystems and support the environment

Work on defects and bugs to improve user interaction with IAM systems

Coordinate with onshore team to understand requirements and tasks

Provide daily and weekly status to onshore team

Leverage system analytics and gather usage metrics to process and deliver enhancement requests 

Provide advanced troubleshooting, participate in on-call rotation, and develop solutions and processes to reduce off hours support calls

Provide Scripting expertise to automate critical manual processes.

Monitor, support, troubleshoot and problem resolution of IAM/PAM service and related incidents.

Provide Administration support for all the IAM tools

Document solutions and root cause analysis in company knowledge base

Resolve issues reported via tickets/requests,

Perform QA testing on new solutions

Maintain version control of files

prepare and update run books for service desk for new IAM catalog items.

Monitor production servers and processes

Technical Skills

Experience in any of the Identity Management tools - Sailpoint Identity IQ (Preferred) or Sun Identity Manager (Oracle Waveset)

Strong development skills using Java, J2EE and Bean Shell, REST Web Services

Experience in any of Single Sign On tools like - Ping Federate (Preferred) or Tivoli Access Manager (Preferred)

  • Experience in any PKI infrastructure - PrimeKey PKI (Preferred)
  • Experience in any of the Privileged Identity Management tools - Thycotic Secret Server, CyberArk, etc
  • Proven experience managing and deploying PKI infrastructure including managing CAs, SCEP for cert enrollment, CMP (Certificate management protocol) for automation
  • Experience with certificate management functions – Registration Authorities (RAs), CRLs, HSMs, OSCP to deploy complex PKI system with other technologies
  • Experience with integrating using Kerberos, OAuth, OpenID Connect
  • Understanding of Kerberos, Web Services, Wireless Networks, AD, LDAP, MFA technologies
  • Experience in Multi-Factor Authentication (MFA) – soft/hard token solutions, OTP, PKI/Certificates, Web Servers (Apache, Tomcat, Weblogic, JBoss, IIS)

Experience in Custom Connector and workflow development

Experience in Active Directory and LDAP integration through IDM

Experience in Windows Power shell development

Knowledge of Application server like Tomcat or JBOSS

Knowledge of Database like Oracle, MS SQL Server or MySQL

Technical proficiency with technologies like PKI, 802.1x/EA-TLS Authentication protocols

Knowledge of SDLC methods

  • Strong communication and interpersonal skills
  • Experience in implementing enhanced security for elevated accounts in Active Directory.
  • Experience in working with UNIX based servers
  • Experience working on large, cross functional, globally distributed and complex projects
  • Ability to communicate ideas effectively to team members

Nice to have:

Security certifications: CISSP, CISM, CISA, CEH, etc. preferred


Bachelor Degree

  • 3+ years’ experience in Information Security 
  • 4+ years’ experience in developing and administering Identity Management tools such as Sailpoint (preferred), Oracle Waveset, etc
  • 4+ years’ experience in managing Single Sign-On (SSO) environments, SSO Federation (SAML) both as an IDP and SP
  • 2+ years’ experience in developing and administering Privileged Identity and Access Management tools such as Thycotic Secret Server (preferred), CyberArk, etc
  • 2+ years’ experience in managing PKI environments
  • 3+ years of development skills (.NET, Java, Web services, scripting)

Read Full DescriptionHide Full Description
Confirmed 4 hours ago. Posted 30+ days ago.

Discover Similar Jobs

Suggested Articles

One Step Register
Need an account? Sign Up