#JOB – Identity and Access Management Engineer – Washington, DC (#IndentityAccessManagement #IAM #SiteMinder #Washington #DistrictOfColumbia)

Role: Identity and Access Management Engineer Level II

Location: Washington, DC

Job Type: Contract


The incumbent will work in the Identity Management and Security Engineering (ITSES) Unit at the World Bank. ITSES manages a Web Access Management system, internally called Passkey which uses CA’s SiteMinder Web Access Management Policy Server and Oracle’s Directory Server Enterprise Edition (DSEE) running on Redhat Linux platform.

Duties and Accountabilities (general):

• Installation, configuration and maintenance of CA SiteMinder Policy Server R12.5 and Oracle Directory Server 11g and above.

• Create and maintain new LDAP OU, Groups, Schema, and attributes.

• Set up the Multi-Master Directory Replication across the data centers.

• Troubleshooting of problems, performance tuning and day-to-day administration activities.

• Support SiteMinder connectors and session-linkers for SAP, PeopleSoft, Documentum environments, SiteMinder Agent for SharePoint and TAI agents.

• Support form-based, certificate-based, SecurID-based authentication and Integrated Windows Authentication.

• Test and integrate identity federation with Cloud (SaaS) applications using SiteMinder Federation services.

• Keep track of the Service Packs released by CA and Oracle, and applying them as and when necessary.

• Install and configure Microsoft AD FS servers. Work closely with a SharePoint project team who are using SiteMinder Federation Services in conjunction with Microsoft AD FS to provide authentication to the SharePoint websites..

• Work closely with the web administrators and website owners addressing their problems. If needed, act as a liaison between CA or Oracle technical support and the web administrators.

• Evaluate emerging authentication and authorization technologies for cloud and mobile applications. Test and integrate new IAM solutions with business applications.

• On-call rotation 24X7 for production environment.

Selection Criteria:

• Bachelor’s degree in Computer Science, Electrical Engineering or related discipline with at least 5 years of experience in engineering and supporting Information Technology systems in an Enterprise setting.

• Minimum three years proven experience in administering CA SiteMinder Policy Server and Oracle DSEE (formerly Sun ONE Directory Server).

• In depth knowledge of LDAP directory internals.

• Proven experience in setting up and supporting web single sign-on (SSO) using IBM HTTP Server, IIS Web Server, and SharePoint environments.

• Good understanding of OpenID Connect, SAML, SCIM protocols

• Good understanding of RBAC, ABAC, Externalized Authorization, Policy driven authorization, Entitlement Store, Group Management

• Good understanding of OAuth for authorization

• Good understanding of Microsoft ADFS technology and its integration with SiteMinder Federation Services. Experience with Identity as a Service (IDaaS), such as Azure AD Premium, Okta, PingOne, is a plus.

• Familiarity with Virtual Directory technology.

• Familiarity with performance analysis using performance monitoring and tuning tools.

• Strong analytical thinking skills.

• Excellent interpersonal skills, including an ability to work effectively in a team/task force as a participant or team leader.

• Demonstrate flexibility to work environment changes and emerging opportunities.

• Ability to balance risks and reprioritize as needed.

• Demonstrate continuing professional development.

• Superior verbal and written communication/presentation skills in English.

• Professional certifications, e.g., Certified Information Systems Security Professional (CISSP) by (ISC)2 and GIAC Certified Forensic Examiner (GCFE), or advanced information security training by educational organizations such as SANS Institute.

Required Skills SiteMinder,Sun ONE Directory Server,Radiant Logic VDS;


(Employers / Vendors) Click Here to Apply

(Candidates) Click Here to Apply



PH NO: +1-678-720-3170 || SKYPE ID: abraham_vdart || EMAIL ID: abraham@vdartinc.com