Technical experience in designing and implementing identity and access management solutions.
Good understanding of Authentication, Authorization, MFA, SSO, Federation, OAuth, OIDC, Provisioning, Reconciliation, Proxy and Directory Services concepts.
Three or more years of experience with software development and implementation of one or more Access management and federation products such as ForgeRock or equivalent solutions.
Managing ForgeRock solution deployments through the complete system development life cycle, including analysis of solution requirements, solution design, architecture and supporting business processes, configuring and customizing IAM software products using Java, JavaScript and Groovy scripts, and testing (unit, system integration, performance and UAT testing).
Software development and implementation of one or more Access management and federation products such as Okta/Ping Identity/ForgeRock/Microsoft Entra, PingFederate, PingAccess, Ping Directory, OpenDS, or at least equivalent solutions (e.g., CA (SiteMinder, AuthMinder, Identity Minder, Federation Security, Directory), or Oracle (Directory, Access Manager, Identity Federation)).
Experience configuring authorizations with API Access management and implementing Single Sign-On (SSO) with OIDC is required.
Experience in configuring High Availability solutions (e.g. load balancing, failover, etc.)
Experience with Enterprise Provisioning, Role-Based Access Control, Single Sign-On, external and internal federation and systems integration.
Development experience with objects, connectors and mappings in Okta/Ping Identity/ForgeRock/Microsoft Entra IDM solutions; knowledge of user and role life cycle management; provisioning data to and from various sources like AD/LDAP; writing custom REST endpoints using JavaScript or Groovy. Knowledge of out-of-the-box and custom endpoints and connectors, reconciliation and self-service.
Experience on Platform UI, Ping Identity/ForgeRock UI.
Development experience in Ping/ForgeRock IG, Okta Access Gateway or another reverse proxy to configure and write custom routes/proxy rules, manage application access and security with DNS capabilities, and proxy web service requests and external REST call connections.
Experience with Enterprise Directory/Directory Integration (ITDS, SDS, AD, LDAP).
Complete end-to-end understanding of all the products of Okta/Ping Identity/ForgeRock/Microsoft Entra.
Development of custom Authentication Modules, Authentication Tree Nodes, Account Mappers and Adapters based on outlined customer requirements and use cases.
Customization of directory operations such as creation of custom password policies, indexes, schema, etc. Should have knowledge of generic LDAP operations.
Implementing automated provisioning of endpoints by using custom provisioning flows, SCIM or JIT capabilities.
Should possess capabilities in designing solutions on ForgeRock
Experience in integrating with various identity and provisioning solutions is a plus.
Solid understanding of concepts of SAML 2.0 and various OIDC grants.
General skills:
Good knowledge of Web Access management processes, technologies, with emphasis on OIDC, federation expertise, web services and SOA.
Strong experience with Java, or another object-oriented programming language preferred
Experience with JavaScript, Python, Ruby, PowerShell, or other scripting languages preferred
Knowledge of software version control using Git and Static Application Security Testing (SAST) software like SonarQube is preferred.
Good Understanding of SSL certificate management, Keytool, OpenSSL, PKI.
Good to have DevOps CI/CD knowledge
Utilizing methodologies, including Object Oriented Analysis, Design, and Development (OOAD), Unified Modeling Language (UML) and software development lifecycle.
Good to have experience with Jira or Rally
Good to be proficient in Agile methodology
People Skills:
Should have experience in leading teams
Demonstrated communication and comprehension skills, both written and verbal
Strong analytical skills; being able to work through symptoms and problems logically to timely resolution.
Able to communicate directly with the client via email and in meetings.
Experience Required:
Minimum of 4+ years of professional experience in progressive roles in Identity and Access Management.
Minimum of 2+ years of professional experience in development using UI and Server-side technologies like Java, J2EE, Groovy and JavaScript.
Minimum of 3+ years of hands-on ForgeRock experience.