TC-CS-IAM IMP-Ping-Manager
Noida, UP, IN, 201301
EY
Mit unseren vier integrierten Geschäftsbereichen — Wirtschaftsprüfung und prüfungsnahe Dienstleistungen, Steuerberatung, Unternehmensberatung und Strategy and Transactions — sowie unserem Branchenwissen unterstützen wir unsere Mandanten dabei,...At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.
EY-Cyber Security-IAM–Consulting- Risk
As part of our EY-cyber security team, you shall Engage in Identity & Access Management projects in the capacity of execution of deliverables. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. You’ll also identify potential business opportunities for EY and GTH within existing engagements and escalate these as appropriate. Similarly, you’ll anticipate and identify risks within engagements and share any issues with senior members of the team
The opportunity
We’re looking for Security Analyst / Consultant in the Risk Consulting team to work on various Identity and Access Management projects for our customers across the globe. Also, the professional shall need to report any identified risks within engagements and share any issues and updates with senior members of the team.
In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop.
Your key responsibilities
- Engage and contribute to the Identity & Access Management projects
- Work effectively as a team member/lead, sharing responsibility, providing support, maintaining communication and updating stakeholders team members on progress
- Assists customer organizations with planning and implementing complex architecture solutions
- Execute the engagement requirements, along with review of work done by junior team members
- Able to create, plan, and execute advanced IAM trainings and independently drive proof of concepts involving emerging IAM technologies
- Use case design, Solution Requirements Specification and mapping business requirements to technical requirements (Traceability Matrix).
- Architecture Design (optimising the resources made available – servers and load sharing etc.).
- Involvement in a successful pursuit of a potential client by being part of the RFP response team.
- Should be implementing IAM engagements, including requirements gathering, analysis, design, development, and end-end deployment.
- Develop and maintain productive working relationships with client personnel
- Build strong internal relationships within EY Consulting Services and with other services across the organization
- Help senior team members in performance reviews and contribute to performance feedback for staff/junior level team members
- Contribute to people related initiatives including recruiting and retaining IAM professionals
- Maintain an educational program to continually develop personal skills by learning various IAM tools and latest skills
- Automate the manual process in the IAM domain
- Understand and follow workplace policies and procedures
- Building a quality culture at GTH
- Manage the performance management for the direct reportees, as per the organization policies
- Foster teamwork and lead by example
- Training and mentoring of project resources
- Participating in the organization-wide people initiatives
Skills and attributes for success
- Hands-on experience on end-to-end implementation of Identity and Access Management using either of the products – Ping suite of products (PingFederate, Ping Access, PingONE), Okta, Azure AD, ForgeRock suite of products (OpenAM, OpenIDM, OpenDJ, OpenDS).
- Completed at least 2-6 implementations leveraging either of the products listed above or combination of above.
- Strong understanding of access management fundamentals like Authentication, Authorization, MFA, SSO, Federation, and Directory Services concepts.
- Good hands-on experience on OAuth 2.0, OIDC, WS-Fed protocols.
- Involved in end-to-end design and implementation of SSO architecture and designed various authentication, authorization, MFA and SSO use cases
Ping Suite:
- Strong competency in PingFederate, PingAccess installation, upgrade
- Designing & implementing custom authentication and authorization flows using PingFederate authentication policies
- Implemented any migration projects from one IAM tool to other
- Strong knowledge of PingFederate administrative configuration with understanding of federation protocols - SAML, OAuth/OpenID with PKCE
- Hands-on experience on developing custom adapters, PCV, selectors etc using Java
- Hands-on experience of HTML, CSS, and JavaScript
- Experience in managing Certificate & Key Management
- Experience on design and development of monitoring scripts, and OGNL expression
- Should have knowledge of API security
- Design Multi-Factor Authentication (MFA) solutions using PingID or 3rd party products
- Have hands-on experience on cloud provider – Azure or AWS or GCP
- Experience in scripting language - python, powershell, and bash
- Knowledge of other IAM products – Azure AD, Auth0, ForgeRock, OKTA
Okta
- Hands-on experience on Directory level integration with Okta for AD, LDAP, Azure AD, Oracle AD.
- Good Understanding on IWA, SWA and Okta Workflows.
- Hands-on experience on Okta APIs and good understanding of XML, HTML, CSS
- Should be knowledge on Okta Access Gateway, Okta Advance Server Access and SCIM.
- Hands-on experience on developing custom UI pages, branding and email template as per business needs.
- Should be knowledge on Okta Access Gateway, Okta Advance Server Access and SCIM.
- Hands-on experience on developing custom UI pages, branding and email template as per business needs
- Experience and knowledge on Okta classic engine and Okta Identity engine
- Experience over integration of on-prem and legacy applications with Okta
- Working knowledge on multi-factor authentication, Security Rules, Policies and Provisioning.
- Hands-on experience in troubleshooting the issues related with Okta and any other AM specific tools
- Basic AD and LDAP Functionality authentication, authorization.
- Experience in Directory Integration with Okta.
- Experience in troubleshooting the access related issue reported by application team.
Azure AD
- Hands-on experience on Azure Active Directory end-to-end implementation involving designing, implementation and customization
- Understanding and experience in different technology of Azure Active Directory, B2E, B2B and B2C
- Implementation experience in ADFS, Azure AD Connect, Azure AD Application Proxy, Conditional Access Policy, LDAP, Active Directory, Application Integrations for SSO and multi-factor authentication
- Working experience in application integration with header-based, SAML2.0, OIDC, OAuth2.0, WS-Fed protocols
- Experienced in managing external identities and consumers in Azure AD B2B and B2C tenants
- Onboarding and offboarding applications on AAD B2B and B2C platforms
- Implementing custom policy using Identity Experience Framework for AAD B2C
- Experience in social login and 3rd party identity provider integration with AAD B2C
- Should have experience in assisting application team to use Microsoft libraries like MSAL
- Experience in integrating mobile application with AAD B2C
- Experience in integrating Azure AD with API management solution
- Should have knowledge on different component of Azure being used for Azure AD solution such as tenant creation, subscription, resource group.
- Should have knowledge in Identity management and Privileged Identity Management concepts
- Experienced in renew, update and troubleshoot certificate related issues
- Should have knowledge of different integration and architecture in customer’s IAM environment such as WAF, Load Balancer, network components
- Experience and exposure of using/exposing REST APIs including Azure AD graph APIs.
ForgeRock
- Good understanding of Forgerock OpenAM, OpenDS and OpenIDM.
- Good to have knowledge on Forgerock OpenIG.
- Hands-on Core Java development and debugging experience.
- Knowledge on JavaScript/Groovy Script to work on custom scripts for OpenAM.
- Should be capable of dissecting large problems and designing modular, scalable solutions.
- Should be familiar with application servers such as Tomcat and WebLogic.
- Hands-on experience in setting up Forgerock OpenAM, OpenDS and OpenIDM environment in standalone and cluster environment.
- Hands-on experience on configuring Single Sign-on with Forgerock as per the requirements.
- Strong understanding of access management fundamentals like authentication and authorization.
- Capability of understanding the business requirements and converting that into design.
- Good knowledge of information security, standards and regulations.
- Should be flexible to work on new technologies in IAM domain.
- Worked in client facing role for Single Sign-On implementation with Forgerock.
- Need to be thorough in Forgerock OpenAM, OpenDS and OpenIDM with hands-on experience involving configuration, implementation & customization.
- Deployment of web application & basic troubleshooting of web application issues
Good to have:
- Very good understanding of information security concepts with in-depth knowledge of IAM solutions and latest trends.
- Should be able to understand business requirement and translate them in technical requirement and implement the same.
- Understanding of latest technology such as Zero trust framework, Fine-grained authorization, Password less authentication, customer Identity and Access Management (CIAM)
- Hands-on knowledge of any programming language Java or Python with good understanding of PowerShell.
- Should be familiar with application servers such as Tomcat and IIS.
- Ability to develop documentation such as business requirement document, high and low level design document, training and user procedures document.
- Should be flexible to work on new technologies in IAM domain.
- Should have had direct client experience, including working with client teams in an on-site or offshore mode.
- Need to liaise with Business stakeholders and seek requirement clarification. Should be able to map business requirements to technical specifications.
- Use case design, Solution Requirements Specification and mapping business requirements to technical requirements (Traceability Matrix).
- Involvement in a successful pursuit of a potential client by being part of the RFP response team.
- Architecture Design for overall IAM solution in customer environment (optimising the resources made available – servers and load sharing etc.).
To qualify for the role, you must have
- B. Tech./ B.E. with sound technical skills
- Strong command on verbal and written English language.
- Experience in HTML, CSS and JavaScript.
- Strong interpersonal and presentation skills.
- 8-10 Years’ Work Experience.
Certification:
- Desirable to have certifications in security domain, such as CISSP and CISA or any IAM product specific certifications
- Desirable to have product specific certifications like - Forgerock AM such as AM-100, AM-400, AM-410 or AM-421, Microsoft Azure certifications (SC-200, SC-300, AZ-500 etc), Okta certifications.
What we look for
- Who has hands on experience in setting up the Identity and Access Management environment in standalone and cluster environment.
- Who has hands-on Development experience on Provisioning Workflows, triggers, Rules and customizing the tool as per the requirements.
What working at EY offers
At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are.
You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:
- Support, coaching and feedback from some of the most engaging colleagues around
- Opportunities to develop new skills and progress your career
- The freedom and flexibility to handle your role in a way that’s right for you
EY | Building a better working world
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Active Directory APIs AWS Azure Bash CISA CISSP Cloud ForgeRock GCP IAM Java JavaScript LDAP Monitoring Okta OpenID Oracle PowerShell Python RFPs SAML Scripting SSO Strategy Tomcat XML Zero Trust
Perks/benefits: Career development Flex hours Startup environment
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.