Directory and Authentication Engineer
We are seeking an individual with expertise in LDAP directory services with technical experience in the areas of Unix/Linux-based production environment of Directory Servers, such as ForgeRock OpenDJ/DS, Oracle Directory Server, and/or OpenLDAP.
Responsible for Unix/Linux based LDAP directory services environment including such duties as:
- Day to day operational performance monitoring and health checks.
- Monitoring of upstream and downstream data feeds.
- Working with end users and other support teams on data normalization.
- Performing preventative maintenance and scheduled outages for security and patch remediation.
- Designing/Recommending/Implementing new integrations with on and off premise (Cloud) resources.
- Researching and Implementing modernization of existing LDAP based solution up to and including proposals to upgrade or migrate away from existing solution.
- Participating in internal and external SAML federation rollouts to both on premise and cloud infrastructures using solutions from Forgerock and Microsoft.
- Ownership of engineering and support of applications infrastructure for identity and access management for LDAP on open systems environment as well as engineering/design/implementation of upgrades and integrations with existing and future on premise and cloud based PAAS/SAAS services.
- Monitor and analyze capacity and performance of the environments to determine when upgrades or changes are required.
- Interface with business users and partners to develop project requirements. 24x7 on-call support on a rotating basis.
- Participate in yearly Disaster Recovery tests.
- Experience administering a Unix/Linux-based production environment of Directory Servers, such as ForgeRock OpenDJ/DS, Oracle Directory Server, and openLDAP.
- Understanding of LDAP entries, schema, replication, ACIs, filters, monitoring, best practices, and other key aspects of LDAP.
- Use of command line LDAP tools.
- Familiarity with Microsoft Identity Manager (MIM) or other automated provisioning solutions preferred.
- Assist in designing, developing and implementing flexible LDAP architecture for PaaS and SaaS applications
- Performance periodic maintenance as/when required
- Work with upstream data source and downstream systems to resolve data related issues.
- Solid technical understanding of security and authentication concepts as well as data classification and handling of PII and other sensitive data types.
- Research new technologies from vendors and open source to find way to modernize or replace existing implementation.
- Strong verbal and written communications skills
- Strong collaboration skills for working with other business and applications teams on designing and supporting solutions, integrations, interfaces.
- Prior experience engineering/deploying/operating LDAP products, preferably with OpenAM/OpenDJ and ForgeRock or similar such as Sun/Oracle Directory on a Linux.
Experience / Education
Typically requires a minimum of 8 years of related experience with a 4 year degree; or 6 years and an advanced degree; or equivalent experience.
What’s In It For You:
At Arrow, we recognize that financial rewards and great benefits are important aspects of an ideal job. That’s why we offer competitive financial compensation, including various compensation plans, and a solid benefits package.
- Medical, Dental, Vision Insurance
- 401k, With Matching Contributions
- Competitive Paid Time Off / Holidays / Sick time
- Parental Leave (Maternity / Paternity options)
- Health Savings Account (HSA)/Health Reimbursement Account (HRA) Options
- Growth Opportunities
- Short-Term/Long-Term Disability Insurance
- Discounted RTD Passes, with convenient office location off RTD Light Rail
- On-site Café with Catering Option for Busy Lifestyles
- 24/7/365 On-site Gym and Lockers, Free for Use to All Employees!
- Bike Racks
- And more!
Arrow is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, gender, sexual orientation, gender identity, national origin, veteran or disability status. (Arrow EEO/AAP policy)