ISD Engineer IV (Identity Management and Governance)

Location: VA Vienna - Headquarters Full/Part Time: Full-Time Regular/Temporary: Regular

Job Description


You have goals, dreams, hobbies and things you’re passionate about.

What’s Important to You Is Important to Us
We’re looking for people who not only want to do meaningful, challenging work, keep their skills sharp and move ahead, but who also take time for the things that matter to them—friends, family and passions. And we're looking for team members who are passionate about our mission—making a difference in military members' and their families' lives. Together, we can make it happen.

Don’t take our word for it.

  • FORTUNE 100 Best Companies to Work For®
  • Computerworld® Best Places to Work in IT
  • FORTUNE® Best Workplaces for Millennials
  • Forbes® America’s Best Employers


Basic Purpose

To research, evaluate, design, implement, and maintain Identity Management and Governance solutions by applying engineering principles. To provide Identity Management and Governance consultancy and engineering support for projects and maintain a working knowledge of evolving Identity Management and Governance technologies, concepts, and trends.

The Identity Engineer is a team member with an intermediate to advanced level of skills in the areas of Identity Management and Identity Governance Service, including engineering, architecture, deployment, configuration, upgrades, and system administration of Identity Management Systems and Identity Governance Systems. The general responsibilities include performing tasks related to full life-cycle project management, establishing and leading project teams, developing and communicating project plan/scope/schedule/cost, identifying risks, resolving issues, following change management process, delivering successful project deployments, performing documentation tasks and engineering tasks in support of business needs.

Identity Engineer Responsibilities:

•  Responsible for all aspects of providing intermediate to advanced level of technical support for Identity Management and Governance Service Life Cycle including requirement analysis, research, evaluate, design, install, configure, test, deploy, implement, maintain, and administer
•  Execute daily operational tasks for the mission of delivering the world-class Identity Management and Governance Services
•  Perform script-based automation of day-to-day business activities, including network maintenance events, patching events, resiliency events, server and application deployments
•  Partner closely with other internal team members to deliver exceptional service fulfillments, timely service restoration by following incident management process, and successful production implementations by following change management process
•  Participate in the design workshop and attend project meetings
•  Provide escalated technical support by handling system-related issues
•  Actively monitor new and emerging Identity Management and Governance Technologies, trends, issues, and solutions and assess their applicability to Navy Federal’s Identity Management and Governance Strategy
•  Monitor and remediate compliance with the organization’s information security policies and procedures among employees, contractors, and third parties
•  Monitor and remediate system security vulnerabilities
•  Troubleshoot and perform problem determination systematically to restore services efficiently and effectively
•  Create and maintain documentation to accomplish the goal of developing and maintaining reusable Knowledge Assets
•  Provide rotational 24x7 on-call technical support
•  Perform other duties as assigned/required

Required Qualifications:

•  Ability to perform day-to-day Identity Management and Governance systems tasks including but not limited to installation, migration, break-fix, upgrades, patches, creating identity profiles, designing approval workflow policies, developing connectors, and managing Access Certification Campaign Programs
•  Advanced systems troubleshooting skills in an enterprise environment with RHEL/Linux Systems, AIX/UNIX Systems, and Windows Systems
•  Advanced experience with Identity Management Systems, Identity Provisioning Systems, LDAP Directories, and Identity Governance Systems
•  Advanced experiences with supporting JBoss Application Server/WebSphere Application Server/or other similar JEE Application Server
•  Scripting skills – PowerShell, PHP, Bash, and Perl
•  Experience with developing and maintaining custom connectors for the endpoints with Identity Management systems
•  Ability to collect and analyze performance statistics and recommend changes
•  Excellent troubleshooting and problem determination skills with a systematic approach in solving technical problems
•  Excellent decision-making, problem-solving, and collaboration skills
•  Excellent communication and documentation skills
•  Excellent organization and interpersonal skills with emphasis on detail and follow-up
•  Bachelor’s Degree in Computer Science, Information Technology or the equivalent combination of training, education, and experience

Desired Qualifications:

•  Experience with one of the following Identity Governance Management Systems from CA/Broadcom/Symantec, Saviynt, SailPoint, IBM, Oracle, ForgeRock
•  Experience with AI-Driven Identity analytic solution
•  Experience with Pentaho Data Integration (PDI) tool to extract, transform, load Identity Accounts data between different type of directory systems and user registry databases
•  Experience with Identity Management systems migration
•  Experience provisioning identities with provisioning systems
•  Experience with creating workflow and approval flow for access provisioning
•  Experience in implementing one or more methods: Role-Based Access Control (RBAC), Policy-Based Access Control (PBAC), and Attribute-Based Access Control (ABAC)
•  Experience with Chef or Ansible or similar configuration management tools
•  Experience with the following endpoint type system: Active Directory Domain Service, Active Directory Lightweight Directory Service, eDirectory, CA/Broadcom SLAPD LDAP Server, CA/Broadcom Directory, Azure AD, Cloud Endpoints, Database, etc.

Experience with the following IAM technologies is a plus:

•    RSA SecureID Appliances Administration
•    eDirectory Server Administration

Hours: Monday through Friday, TBD and on-call availability 24x7 on a rotational basis

Location: 820 Follin Lane, Vienna, VA 22180 or Remote

Colorado Resident Pay Range: $96,200 - $138,900

*Due to COVID-19 and social distancing, this position will be temporarily working from home with plans to return to campus at the desired location listed once Navy Federal is back to normal operations. The specific logistics for returning to campus will be determined at a future date by individual leadership* 

Equal Employment Opportunity

Navy Federal values, celebrates, and enacts diversity in the workplace.  Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans.  EOE/AA/M/F/Veteran/Disability


Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need.
An assessment may be required to compete for this position.

Bank Secrecy Act

Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.