DESCRIPTION

Idaho National Laboratory is hiring a Identity and Access Management Engineer to work in our Identity and Access Management department. Our team works a 9x80 schedule located in Idaho Falls and every other Friday off.
You will support efforts across multiple Active Directory domains and cloud environments. You will provide technical support, and the development of applications and integrations related to identity governance, which includes collaboration in design, architecture implementation, integrated business process, applications and scripting creation, and cybersecurity solutions to meet mission needs and maintain understanding of IAM direction and standards. Works is performed as part of the IAM team with direct oversight provided by the IAM Lead and IT End User Experience Manager. You will report to the manager for the Identity and Access Management department.

MINIMUM REQUIREMENTS:

• Level 2: Associates degree plus 4 years of related experience, Bachelor’s degree plus 2 years of related experience, or Masters degree and 0 year of relevant experience.
• Level 3: Associates degree plus 7 years of related experience, Bachelor’s degree plus 5 years of related experience, or Masters degree and 2 year of relevant experience.
• Working experience with Active Directory, Group Policy management, and SSO.
• Knowledge of Public Key Infrastructure (PKI) and X.509 standards, including operation Certificate Authorities.
• This position requires US Citizenship.

SELECTIVE SERVICE REQUIREMENTS

To be eligible for employment at INL males born after December 31, 1959 must have registered with the Selective Service System (SSS). For more information see www.sss.gov.

• Design, implementation, administration, and maintenance of authentication and access management environments.
• Gather requirements, estimate effort, and work with customers to deploy, and maintain identity and access management solutions.
• Perform work according to best practices for identity management, privileged access management (PAM), access controls, and credential integration for multi-factor authentication (MFA).
• Configure and maintain Single Sign-on (SSO) solutions for applications using Kerberos, SAML, and OAuth/OpenID Connect authentication.
• Implement customizations to integrate applications and federate services across multiple organizations.
• Install, patch and upgrade supporting products. Implement security controls observing company policy and DOE projects/directives.
• Provide support and administration for identity lifecycle management processes.
• Develop automated scripts that implement business logic to consolidate data from different business systems into the Identity Governance system, associated SQL Databases, Active Directory, and other automated computer data stores.
• Maintain vendor-supplied software to perform the necessary operations.
• Instruct others on the use of technology tools and create instructional documentation.
• This position will close: 2/18/25