Identity Access Management Engineer

ASRC Federal Broadleaf Division (Prime) is actively hiring an Identity Access Management Engineer in support of our Defense Counterintelligence Security Agency (DCSA) program based out of Quantico VA.

This is primarily a Telework position with a requirement to be onsite at least two (2) days a week at Quantico Marine Corps Base VA.

DUTIES:

As an Identity Access Management Engineer, you will be responsible for delivery and buildout of an Identity and Privileged Access ecosystem such as CrowdStrike and CyberArk and apply comprehensive knowledge of access security controls to the completion of complex assignments. You will identify and recommend changes in procedures, processes, and scope of delivery.

• Troubleshoot complex heterogeneous environments related to identity and privileged access technologies through server log and network traffic analysis, leaning on experience with troubleshooting and analysis techniques and tools
• Understand taxonomy of privileges on named or shared privileged accounts
• Incorporate cybersecurity best practices for technology governance over privileged account lifecycles
• Configure and customize security policies based on organizational requirements and best practices
• Development of PAM (CyberArk) connection components and plugins as needed utilizing various scripting tools (PowerShell, python) and rest API's
• Policy Management: Develop and enforce security policies within the CrowdStrike Falcon platform
• Endpoint Security Management: Deploy and manage endpoint security agents across the organization’s devices
• Monitor and analyze endpoint security data to identify potential threats and vulnerabilities
• Incident Response: Respond to security incidents detected by the CrowdStrike Falcon and CyberArk platforms
• Investigate security alerts, analyze root causes, and take appropriate remediation actions
• Develop regular reporting and be accountable for deliverables

YEARS EXPERIENCE:

At least five (5) Years experience in implementation, integration, and operations of privileged access technologies such as CyberArk and CrowdStrike and all its components.

EDUCATION REQUIREMENTS:

Bachelor’s Degree, or equivalent experience in Cybersecurity, and/or Information Systems Management, Information Technology

CERTIFICAITON(S):

DD8140/DoD8570.01-M IAT Level II e.g., CCNA Security, CSA+, GICSP, GSEC, Security+ CE, SSCP or higher-level certification

CLEARANCE LEVEL:

Active Top Secret with the ability to obtain TS/SCI

WORK ENVIRONMENT AND PHYSICAL DEMANDS: 

This is primarily a Telework position with a requirement to be onsite at least two (2) days a week. Onsite days may be higher during initial project design and implementation.

If alternate worksite is other than DCSA facilities or corporate office space, must have the reliable ability to communicate over voice (cell phone preferred) and stable, capable internet connection.

Must speak English well enough to communicate complex technical ideas to a diverse customer both verbally and in written form.