Identity & Access management support engineer – Information security
Gap Tech drives innovative retail, e-commerce and global enterprise technology for our headquarters operations and our five iconic brands across the world. We push boundaries. We challenge the status quo. Innovation sits at the core of everything we do. And we’re not here just to execute; we’re here to learn and grow. As individuals, we’re passionate, diverse, innovative and wickedly talented. As a team, we’re making amazing things happen in our offices, our stores and our communities. We are diversifying our talent globally, and expanding our reach by opening a technology hub in Hyderabad, India. Growing over time, this center will become critical in enabling technology that powers Gap Inc. business globally.
Summary: The Identity & Access Management enforces least privilege access per business needs using the appropriate mix of authentication, access, and audit controls. IAM deliver access rights consistently through hire/fire/role change events. It establishes least privilege, role based access control and consistently maintains user identity and accessibility across the enterprise
The GapTech team is chartered with driving revenue and profit growth in Gap’s online and direct channel business through the development and implementation of analytics, decision support systems, and predictive models for profit maximizing analytical processes.
Infosec SecOps engineers and operates all on-premise security technology used to protect Gap Inc. information assets. We deliver technical security capabilities to GapTech customers that minimize threats to the business. We drive the security technology roadmap, improving and enhancing GapTech ability to protect, detect, and respond to technical threats.
The SecOps IAM team is looking for enthusiastic and security minded developers. Potential candidates tend to be curious learners, apply their skills to understand the challenge provided to solve, build and maintain a robust IDM solution. Candidates will also need to have knowledge of directories, databases and cloud (SaaS/PaaS) integrations.
Capabilities & Requirements:
•Develop and support highly automated, reliable and available IAM solutions
•Develop and support Identity Management system
•Develop and Support SSO Federation (SAML/OAuth/OpenID-Connect) solutions for internal applications and externally-hosted SaaS applications
•Support PKI solutions for internal applications, devices, systems and manage PKI systems.
•Implement and support Privileged Access Management solution using Thycotic Secret Server
•Understand existing authentication and federation ecosystems and support the environment
•Work on defects and bugs to improve user interaction with IAM systems
•Coordinate with onshore team to understand requirements and tasks
•Provide daily and weekly status to onshore team
•Leverage system analytics and gather usage metrics to process and deliver enhancement requests
•Provide advanced troubleshooting, participate in on-call rotation, and develop solutions and processes to reduce off hours support calls
•Provide Scripting expertise to automate critical manual processes.
•Monitor, support, troubleshoot and problem resolution of IAM/PAM service and related incidents.
•Provide Administration support for all the IAM tools
•Document solutions and root cause analysis in company knowledge base
•Resolve issues reported via tickets/requests,
•Perform QA testing on new solutions
•Maintain version control of files
•prepare and update run books for service desk for new IAM catalog items.
•Monitor production servers and processes
•Experience in any of the Identity Management tools - Sailpoint Identity IQ (Preferred) or Sun Identity Manager (Oracle Waveset)
•Strong development skills using Java, J2EE and Bean Shell, REST Web Services
•Experience in any of Single Sign On tools like - Ping Federate (Preferred) or Tivoli Access Manager (Preferred)
•Experience in Custom Connector and workflow development
•Experience in Active Directory and LDAP integration through IDM
•Experience in Windows Power shell development
•Knowledge of Application server like Tomcat or JBOSS
•Knowledge of Database like Oracle, MS SQL Server or MySQL
•Technical proficiency with technologies like PKI, 802.1x/EA-TLS Authentication protocols
•Knowledge of SDLC methods
Nice to have:
•Security certifications: CISSP, CISM, CISA, CEH, etc. preferred
REQUIRED EXPERIENCE AND EDUCATION: