Identity Management Engineer

GDIT is seeking a Identity Management Engineer for our Healthcare General Ledger Accounting System (HIGLAS) program at the Centers for Medicare & Medicaid Services (CMS).

Role Description:

• Functional administration and maintenance of our 12c Oracle Identity Management application including Oracle Access Manager (OAM), Oracle Internet Directory (OID), and Oracle Identity Governance (OIG).
• Provide support to and participate in IAM continuous monitoring activities including monitoring new and removed identities, access and permissions changes, privilege escalation, bot activity, and other related activities.
• Support user access provisioning, authentication, and access management processes.
• Actively participate in troubleshooting sessions for OIG/OAM in Prod and Non-Prod.
• Develop and maintain system documentation, including standard operating procedures (SOPs) and configuration guides.
• Having a strong affinity toward security-oriented practices – including coding, to avoid creating vulnerabilities.
• Coordinate and collaborate with technical subject matter experts (SMEs) to ensure technical and operational security controls are operating as expected.

Requirements/Experience:

• 5+ years’ experience in the Identity & Access Management domain.
• Expertise in implementing, maintaining, and migrating OIG, OAM 12c components (WebLogic, OIM, SOA, BI, OAM, OAA, OARM), and OID 12c.
• Strong Java coding skills with proficiency in OIG/OAM APIs (REST and Java APIs) for custom development of webpages, scheduled job deployments, automations.
• Thorough understanding of authentication and authorization mechanisms, including Single Sign-On (SSO), Identity Federation, Multi-Factor Authentication (MFA), Entitlements, Security Assertion Markup Language (SAML), Open Authorization (OAuth), etc.
• Extensive exposure to SSO integrations – designing and implementing SSO solutions using OOTB and custom options with OAM or other Identity tools.
• Strong knowledge of identity and access management, role- and attribute-based access controls (RBAC/ABAC), segregation of duties, least privilege, privilege escalation, etc.
• Hands on development experience with Scheduled jobs, Adapters, Event handlers, Notifications, plugins and custom connectors (ICF/CI), web pages (for custom page development).
• Ability to troubleshoot, identify and resolve issues related to OIG/OAM in Prod, non-prod environments.
• Strong understanding of SQL queries – ability to write custom queries to support custom functionalities, create reports, resolve any issues with existing SQL objects.
• Experience with BI Publisher reports creation/updates/migration/maintenance.
• Ability to manage multiple deliverables simultaneously, without impacting deadlines. It is critical for you to be a highly motivated contributor who can track items to completion without constant reminders.
• Experience with LDAP directories (like OID, AD, etc.) and LDAP queries, and an ability to troubleshoot & resolve any issues (data or otherwise).
• Experience with BI Publisher reports creation/updates/migration/maintenance.
• Strong analytical, written, and verbal communication skills with the ability and comfort level to conduct presentations for existing customer audiences.

Additional Qualifications:

• Upgrade experience from FMW 12c to 14c
• Knowledge of WebAuthn / FIDO2, device-level signaling, and other relevant Zero Trust identity functions.
• Relevant identity and access management certifications (e.g., CIAM, CIGE, etc.).
• Hands-on implementation experience with Oracle Access Manager (OAM) 12c - incl. WebGate config/deployment and SAML, OIDC, OAUTH protocols.
• Experience in addressing audit requirements – specifically related to Certifications, user operations, access grants, request approvals, etc.
• Knowledge of Splunk, including the ability to independently investigate any logs for relevant issues.

.

Location: Remote

Clearance: Ability to pass CMS background check and meet the residency requirement for having resided in the US at least (3) three out of the last (5) five years.

What GDIT Can Offer You:

• Full-flex work week to own your priorities at work and at home, with core work hours Monday – Friday 9:00 AM ET – 3:00 PM ET

• 401K with company match

• Comprehensive health and wellness packages

• Internal mobility team dedicated to helping you own your career

• Professional growth opportunities including paid education and certifications

• Cutting-edge technology you can learn from

• Rest and recharge with paid vacation and holidays

• Challenging work that makes a real impact on the world around you

• Remote work

#GDITFedHealthJobs