Identity Access Management (IAM) Engineer
Information Technology/Computing | livermore, CA | 03/17/2023
Job Code: SES.2 Science & Engineering MTS 2 / SES.3 Science & Engineering MTS 3
Position Type: Career Indefinite
Security Clearance: Anticipated DOE Q clearance (requires U.S. citizenship and a federal background investigation)
Drug Test: Required for external applicant(s) selected for this position (includes testing for use of marijuana)
Medical Exam: Not applicable
Join us and make YOUR mark on the World!
Are you interested in joining some of the brightest talent in the world to strengthen the United States’ security? Come join Lawrence Livermore National Laboratory (LLNL) where our employees apply their expertise to create solutions for BIG ideas that make our world a better place.
We are committed to a diverse and equitable workforce with an inclusive culture that values and celebrates the diversity of our people, talents, ideas, experiences, and perspectives. This is essential to innovation and creativity for continued success of the Laboratory’s mission.
$123,960 - $166,992 Annually for the SES.2 level
$148,650 - $200,328 Annually for the SES.3 level
Please note that the pay range information is a general guideline only. Many factors are taken into consideration when setting starting pay including education, experience, the external labor market, and internal equity.
We have an opening for an Identity Access Management (IAM) Engineer to work on projects that cover a range of system, applications technologies in the areas of Enterprise Access Single Sign-on. You will research, develop, and integrate state-of-the-art software to provide Enterprise authentication and authorization services. This position is in the Applications, Simulations and Quality Division in the Computing Directorate.
This position will be filled at either the SES.2 or SES.3 level based on knowledge and related experience as assessed by the hiring team. Additional job responsibilities (outlined below) will be assigned if hired at the higher level.
In this role you will
- Provide Web, REST API Single Sign-On authentication and authorization services by integrating with Access Manager
- Work with developers to enable applications for authentication and authentication services
- Monitor production services and respond to system problems and user issues
- Contribute to the fulfillment of technical projects and organizational objectives functioning as an effective team member on multi-disciplinary teams
- Provide technical assistance, training, and/or mentoring to others in the areas of authentication and authorization services
- Participate in development of new processes and serve as a primary technical point of contact with sponsors and stakeholders
- Exercise independent judgement to define, develop, and implement original solutions to complex problems of a broad and diverse scope at the team, directorate, or institutional level
- Perform other duties as assigned
Additional job responsibilities at the SES.3 Level
- Lead and provide enterprise solutions recommendation
- Develop and lead new solutions that meet mission level goals
- Own and Support current and future enterprise customers use cases
- All your information will be kept confidential according to EEO guidelines
- Ability to obtain and maintain a US DOE Q-level security clearance which requires U.S. Citizenship
- Bachelor’s degree in Computer Science with security focus, or related field, or the equivalent combination of education and related experience
- Knowledge of fundamental networking and distributed computing concepts, as well as security engineering, application security, and system security principles
- Broad knowledge in one or more of the following areas (LDAP, PKI, RSA SecurID, CDSSO, SAML2, OAuth/OIDC, and other Claims based authentication)
- Knowledge in HTTP, XML, AJAX, REST, SCIM
- Experience in Linux OS and Windows Development environments
- Effective analytical and problem-solving skills to contribute to creative solutions to moderately complex problems on server side
- Proficient verbal and written communication skills necessary to work effectively with application developers, system programmers, and other technical staff
Additional Qualifications at the SES.3 Level
- Advanced knowledge of encryption algorithms and security protocols (RSA, SSL, TLS), as well as security vulnerability, ForgeRock, ADFS, Ping Federate, and other On Prem IDP Stacks
- Master’s degree in Computer Science and 7 years or 10+ years’ experience in the Authentication, and IAM space, with a proven track record of leading large enterprise level Identity Solutions
- Broad experience in Cloud and Federated platforms, and ecosystems, with Solutions Architect, or Security Architect Experience
This is a Career Indefinite position, open to Lab employees and external candidates.
Why Lawrence Livermore National Laboratory?
- Flexible Benefits Package
- Relocation Assistance
- Education Reimbursement Program
- Flexible schedules (*depending on project needs)
- Inclusion, Diversity, Equity and Accountability (IDEA) - visit https://www.llnl.gov/diversity
- Our core beliefs - visit https://www.llnl.gov/diversity/our-values
- Employee engagement - visit https://www.llnl.gov/diversity/employee-engagement
This position requires a Department of Energy (DOE) Q-level clearance. If you are selected, we will initiate a Federal background investigation to determine if you meet eligibility requirements for access to classified information or matter. Also, all L or Q cleared employees are subject to random drug testing. Q-level clearance requires U.S. citizenship.
Pre-Employment Drug Test
External applicant(s) selected for this position must pass a post-offer, pre-employment drug test. This includes testing for use of marijuana as Federal Law applies to us as a Federal Contractor.
Equal Employment Opportunity
We are an equal opportunity employer that is committed to providing all with a work environment free of discrimination and harassment. All qualified applicants will receive consideration for employment without regard to race, color, religion, marital status, national origin, ancestry, sex, sexual orientation, gender identity, disability, medical condition, pregnancy, protected veteran status, age, citizenship, or any other characteristic protected by applicable laws.
We invite you to review the Equal Employment Opportunity posters which include EEO is the Law and Pay Transparency Nondiscrimination Provision.
Our goal is to create an accessible and inclusive experience for all candidates applying and interviewing at the Laboratory. If you need a reasonable accommodation during the application or the recruiting process, please use our online form to submit a request.
California Privacy Notice
The California Consumer Privacy Act (CCPA) grants privacy rights to all California residents. The law also entitles job applicants, employees, and non-employee workers to be notified of what personal information LLNL collects and for what purpose. The Employee Privacy Notice can be accessed here.Apply Now