EY TC-CS-IAM IMP-Ping-Manager 

India, Karnataka, Bengaluru 

999764910

Your key responsibilities

• Engage and contribute to the Identity & Access Management projects
• Work effectively as a team member/lead, sharing responsibility, providing support, maintaining communication and updating stakeholders team members on progress
• Assists customer organizations with planning and implementing complex architecture solutions
• Execute the engagement requirements, along with review of work done by junior team members
• Able to create, plan, and execute advanced IAM trainings and independently drive proof of concepts involving emerging IAM technologies
• Use case design, Solution Requirements Specification and mapping business requirements to technical requirements (Traceability Matrix).
• Architecture Design (optimising the resources made available – servers and load sharing etc.).
• Involvement in a successful pursuit of a potential client by being part of the RFP response team.
• Should be implementing IAM engagements, including requirements gathering, analysis, design, development, and end-end deployment.
• Develop and maintain productive working relationships with client personnel
• Build strong internal relationships within EY Consulting Services and with other services across the organization
• Help senior team members in performance reviews and contribute to performance feedback for staff/junior level team members
• Contribute to people related initiatives including recruiting and retaining IAM professionals
• Maintain an educational program to continually develop personal skills by learning various IAM tools and latest skills
• Automate the manual process in the IAM domain
• Understand and follow workplace policies and procedures
• Building a quality culture at GTH
• Manage the performance management for the direct reportees, as per the organization policies
• Foster teamwork and lead by example
• Training and mentoring of project resources
• Participating in the organization-wide people initiatives

Skills and attributes for success

• Hands-on experience on end-to-end implementation of Identity and Access Management using either of the products – Ping suite of products (PingFederate, Ping Access, PingONE), Okta, Azure AD, ForgeRock suite of products (OpenAM, OpenIDM, OpenDJ, OpenDS).
• Completed at least 2-6 implementations leveraging either of the products listed above or combination of above.
• Strong understanding of access management fundamentals like Authentication, Authorization, MFA, SSO, Federation, and Directory Services concepts.
• Good hands-on experience on OAuth 2.0, OIDC, WS-Fed protocols.
• Involved in end-to-end design and implementation of SSO architecture and designed various authentication, authorization, MFA and SSO use cases

Ping Suite:

• Strong competency in PingFederate, PingAccess installation, upgrade
• Designing & implementing custom authentication and authorization flows using PingFederate authentication policies
• Implemented any migration projects from one IAM tool to other
• Strong knowledge of PingFederate administrative configuration with understanding of federation protocols - SAML, OAuth/OpenID with PKCE
• Hands-on experience on developing custom adapters, PCV, selectors etc using Java
• Hands-on experience of HTML, CSS, and JavaScript
• Experience in managing Certificate & Key Management
• Experience on design and development of monitoring scripts, and OGNL expression
• Should have knowledge of API security
• Design Multi-Factor Authentication (MFA) solutions using PingID or 3rd party products
• Have hands-on experience on cloud provider – Azure or AWS or GCP
• Experience in scripting language - python, powershell, and bash
• Knowledge of other IAM products – Azure AD, Auth0, ForgeRock, OKTA

Okta

• Hands-on experience on Directory level integration with Okta for AD, LDAP, Azure AD, Oracle AD.
• Good Understanding on IWA, SWA and Okta Workflows.
• Hands-on experience on Okta APIs and good understanding of XML, HTML, CSS
• Should be knowledge on Okta Access Gateway, Okta Advance Server Access and SCIM.
• Hands-on experience on developing custom UI pages, branding and email template as per business needs.
• Should be knowledge on Okta Access Gateway, Okta Advance Server Access and SCIM.
• Hands-on experience on developing custom UI pages, branding and email template as per business needs
• Experience and knowledge on Okta classic engine and Okta Identity engine
• Experience over integration of on-prem and legacy applications with Okta
• Working knowledge on multi-factor authentication, Security Rules, Policies and Provisioning.
• Hands-on experience in troubleshooting the issues related with Okta and any other AM specific tools
• Basic AD and LDAP Functionality authentication, authorization.
• Experience in Directory Integration with Okta.
• Experience in troubleshooting the access related issue reported by application team.

Azure AD

• Hands-on experience on Azure Active Directory end-to-end implementation involving designing, implementation and customization
• Understanding and experience in different technology of Azure Active Directory, B2E, B2B and B2C
• Implementation experience in ADFS, Azure AD Connect, Azure AD Application Proxy, Conditional Access Policy, LDAP, Active Directory, Application Integrations for SSO and multi-factor authentication
• Working experience in application integration with header-based, SAML2.0, OIDC, OAuth2.0, WS-Fed protocols
• Experienced in managing external identities and consumers in Azure AD B2B and B2C tenants
• Onboarding and offboarding applications on AAD B2B and B2C platforms
• Implementing custom policy using Identity Experience Framework for AAD B2C
• Experience in social login and 3rd party identity provider integration with AAD B2C
• Should have experience in assisting application team to use Microsoft libraries like MSAL
• Experience in integrating mobile application with AAD B2C
• Experience in integrating Azure AD with API management solution
• Should have knowledge on different component of Azure being used for Azure AD solution such as tenant creation, subscription, resource group.
• Should have knowledge in Identity management and Privileged Identity Management concepts
• Experienced in renew, update and troubleshoot certificate related issues
• Should have knowledge of different integration and architecture in customer’s IAM environment such as WAF, Load Balancer, network components
• Experience and exposure of using/exposing REST APIs including Azure AD graph APIs.

ForgeRock

• Good understanding of Forgerock OpenAM, OpenDS and OpenIDM.
• Good to have knowledge on Forgerock OpenIG.
• Hands-on Core Java development and debugging experience.
• Knowledge on JavaScript/Groovy Script to work on custom scripts for OpenAM.
• Should be capable of dissecting large problems and designing modular, scalable solutions.
• Should be familiar with application servers such as Tomcat and WebLogic.
• Hands-on experience in setting up Forgerock OpenAM, OpenDS and OpenIDM environment in standalone and cluster environment.
• Hands-on experience on configuring Single Sign-on with Forgerock as per the requirements.
• Strong understanding of access management fundamentals like authentication and authorization.
• Capability of understanding the business requirements and converting that into design.
• Good knowledge of information security, standards and regulations.
• Should be flexible to work on new technologies in IAM domain.
• Worked in client facing role for Single Sign-On implementation with Forgerock.
• Need to be thorough in Forgerock OpenAM, OpenDS and OpenIDM with hands-on experience involving configuration, implementation & customization.
• Deployment of web application & basic troubleshooting of web application issues

Good to have:

• Very good understanding of information security concepts with in-depth knowledge of IAM solutions and latest trends.
• Should be able to understand business requirement and translate them in technical requirement and implement the same.
• Understanding of latest technology such as Zero trust framework, Fine-grained authorization, Password less authentication, customer Identity and Access Management (CIAM)
• Hands-on knowledge of any programming language Java or Python with good understanding of PowerShell.
• Should be familiar with application servers such as Tomcat and IIS.
• Ability to develop documentation such as business requirement document, high and low level design document, training and user procedures document.
• Should be flexible to work on new technologies in IAM domain.
• Should have had direct client experience, including working with client teams in an on-site or offshore mode.
• Need to liaise with Business stakeholders and seek requirement clarification. Should be able to map business requirements to technical specifications.
• Use case design, Solution Requirements Specification and mapping business requirements to technical requirements (Traceability Matrix).
• Involvement in a successful pursuit of a potential client by being part of the RFP response team.
• Architecture Design for overall IAM solution in customer environment (optimising the resources made available – servers and load sharing etc.).

To qualify for the role, you must have

• B. Tech./ B.E. with sound technical skills
• Strong command on verbal and written English language.
• Experience in HTML, CSS and JavaScript.
• Strong interpersonal and presentation skills.
• 8-10 Years’ Work Experience.

Certification:

• Desirable to have certifications in security domain, such as CISSP and CISA or any IAM product specific certifications
• Desirable to have product specific certifications like - Forgerock AM such as AM-100, AM-400, AM-410 or AM-421, Microsoft Azure certifications (SC-200, SC-300, AZ-500 etc), Okta certifications.

What we look for

• Who has hands on experience in setting up the Identity and Access Management environment in standalone and cluster environment.
• Who has hands-on Development experience on Provisioning Workflows, triggers, Rules and customizing the tool as per the requirements.

You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.