GIAM Authentication & Host Security Specialist

GIAM Authentication & Host Security SpecialistCandidate with hands-on experience in managing capacity, SME and building infrastructure for Ping Access, Ping Federate, Ping LDAP, Virtual Directories using Automation and Tools like Ansible. - SME knowledge on the Single Sign On (SSO) products with the web agent configuration experience- SME knowledge on the LDAP products i.e, ODSEE (Sun One LDAP) and Unbound Directory- SME knowledge on the SAML federation products for the various use cases like IDP / SP / WS / OAuth. etc- Should have very good knowledge in the Unix and Red hat Linux operating systems- Hands on troubleshooting experience with fiddler / IE http header - Understanding of the network related concepts like DNS / LB / TCP / DMZ. etc•The current position is for Authentication infrastructure team within Citi that is primary responsible for Building, configuring, and managing Security infrastructure (Access management).Experience requirements (7-10 years):The resource should be Proficient in authentication services technologies, such as SSO, Kerberos, Federation with hands on experience on at least a few of the following: Ping Identity products (Ping Access, Ping Fed, Ping Directory); Radiant Logic Virtual directory; Broadcom (CA Siteminder, CA Directory server).The position requires understanding configuration, deployment process, maintenance, and troubleshooting of the security products listed above. The candidate is expected to understand the various logs generated by the security products and be able to use the information to troubleshoot issues.The experience with managing the directory servers needs to be using command line, and not using the administrative UI as that is not implemented in the infrastructure. The candidate also needs to be familiar with standard LDAP commands to examine and maintain data in the directory.In-depth understanding of the Kerberos Domain Controller features in UNIX is a significant plus, again including implementing, configuring, and troubleshooting.knowledge of Linux commands and Schedulers (CRON, AUTOSYS) is required, And overall, while a programming background is not necessary for the position, the candidate is expected to have experience using UNIX shell scripting while performing their duties.Auth Specialist description (NAM):• Knowledge of middleware products IBM WebSphere & Apache a plus.• Understanding of firewalls, pooling, VIPs/WIPs, certificates etc. and their impact on application server configuration and architecture.• Ability to work with and coordinate with Internal teams for any patching/issues/troubleshooting of Application server infrastructure.• Proficient with Microsoft Office products including Word and Excel and Service Ticketing system are preferred• Ability to work with Internal teams for any CIVA/CAVA findings.• Excellent written and verbal communication skills, Ability to work well individually and as part of a team.• Must have good work ethic to follow documented process.