Security Consultant: Identity & Access Management

Introduction
In this role you’ll work in our IBM Client Innovation Center (CIC) where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world.​ These centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology

Information and Data are some of the most important organizational assets in today’s businesses. As a Security Consultant you will be a key advisor for IBM’s clients analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client’s organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.

Your Role and Responsibilities
Design the architecture for IBM Security Access Manager on premise solution and its integration with on-premises as well as cloud-based applications. Prepare the upgrade plan for ISVA and its related components without affecting existing usecases. Upgrade ISVA and configure with AAC Db2 database upgrade IBM Directory server migrate data from one directory server to another.

• Migration of ISVA policy server data directory data configurations rules. Install configure and upgrade ISAM in single and cluster environments. Configure ISAM Advanced access control and federation environment. Create WebSEAL and policy server cluster load balancing high availability.
• Build ISAM Disaster recovery setup. Creating WebSEAL reverse proxy instances configuring and integrating with client applications. Appliance configurations and development of ACL junctions page customizations. Configure Single Sign on and authentication mechanism of target applications using Header based form based SSO .TAI++ LTPA BAEAI Kerberos. Implementation of multi factor authentication(MFA) using email OTP SMS OTP TOTP and using IBM verify.
• ISAM configurations ISAM advanced access control authentication mechanism policies risk profiles OTP mapping rule creation. Operational support for IAM environment and troubleshooting of issues related ISAM DB2 SDS. Creation of Use case documents Technical design documents Test Plan User Acceptance Test SOPs.

Required Technical and Professional Expertise

• 4+ years of industry experience with minimum 2+ years relevant experience in CyberArk privileged access solution. Experience in development and implementation design and architecture of privileged access solution using CyberArk
• Experience in “Migrate from CyberArk PMTerminal to TPC”. Hands-on with modifying existing plugins or aware of when developing new plugins. Experience on upgrade for CyberArk from V10.x to latest. Must possess the technical/functional skills necessary to understand and manage consulting project engagements. Experience in end-to-end implementation lifecycle of CyberArk project. Excellent hands-on knowledge on the best practices of deploying CyberArk PAS including various components like EPV CPM PVWA PSM PSMP OPM and PTA
• Well versed with Active Directory. Experience in developing custom connectors using automation approaches like AutoIT script. Assist customers in developing a secured privileged access management infrastructure and also to define policies to protect their applications/platforms/targets from unauthorized access. Candidates must be a CyberArk Certified Delivery Engineer (CCDE) or equivalent
• The successful applicant will be an experienced CyberArk PAM consultant to take our client’s project forward and support the account.

Preferred Technical and Professional Expertise

• Experience with Okta ASA Ping Saviynt Experience with JavaScript and one of the major JavaScript MVC frameworks (preferably Angular). Directory experience (AD Azure AD LDAP)
• SaaS deployment experience. Knowledge of enterprise web technologies security and cutting-edge infrastructures. Knowledge of Cloud architectures and complex enterprise On-Premises IT landscapes and hybrid Cloud/On-Prem architectures
• Knowledge of enterprise identity lifecycle management processes and standards. Proven track record in working as part of a team meeting deadlines tutoring/mentoring. Experience with at least one of the following development environments/languages: J2EE Java JavaScript.Experience in specific industry verticals is preferred