Atos is a global leader in digital transformation with 120,000 employees in 73 countries and annual revenue of EUR 13 billion. European number one in Cloud, Cybersecurity and High-Performance Computing, the Group provides end-to-end Orchestrated Hybrid Cloud, Big Data, Business Applications and Digital Workplace solutions through its Digital Transformation Factory, as well as transactional services through Worldline, the European leader in the payment industry. With its cutting-edge technologies and industry knowledge, Atos supports the digital transformation of its clients across all business sectors. The Group is the Worldwide Information Technology Partner for the Olympic & Paralympic Games and operates under the brands Atos, Atos Syntel, Unify and Worldline. Atos is listed on the CAC40 Paris stock index.
Your role in Atos - Job Description
IAM/PAM Security Deployment Engineer's role is a strong technical position which will support the implementation of IAM security strategies and architecture vision as it relates to the customer's IAM transformation programs or cloud initiatives, specifically deploying agreed direction for IAM strategy related to cloud or changed environment. The IAM/PAM Security Deployment Engineer will work with other Engineers, Deployment Consultants, Architects and Service Owners to deploy enterprise solution that is scalable, adaptable and synchronized with the customer's IT, ITN Security aligned company's strategy. You will be advising our Clients regarding innovative IT security solutions. Initiating and executing Information Security Governance and Risk Management implementation programmes (in particular those related to IAM and cloud environments). Describing complex solutions in meaningful business language that engages business stakeholders.
As a IAM/PAM Security Deployment Engineer you are a member of an ambitious international team that works in a strategic growth area for the best organizations in the sectors of Financial Services; Manufacturing, Retail & Transport; Public & Health; Telecommunication, Media and Utilities. Together you will distinguish yourselves through commitment and implementation quality. As a member of a global team you operate independent or in collaboration with other entities and regions within Consulting or Atos itself. You will work mainly on large IAM Programs or projects led by Atos or Atos customer dependent on their specifics in the role of main IAM Deployment Engineer/Consultant, IAM Cybersecurity engineer, IAM (hybrid) cloud security transformation engineer/consultant, Privileged Access Management deployment consultant and cooperate with IAM strategy Program or project managers, IAM solution architects, IAM Governance experts. In some programs or projects, you may be asked to act as deployment consultant on specific area of IAM implementation related to specific changes to customer's HR system, Active Directory, Azure Federation Services, Federation protocols, etc. with dedicated IAM solutions like Microsoft Identity Manager, ForgeRock, Sailpoint, CyberArc, One Identity, Dell IAM Solutions, Evidian/DirX, Oracle, CA. You understand and realize technical aspects of various IAM and PAM deployment strategy also in business context and its broader technical customer application and infrastructure, in particular those related to cloud environments and cyber security and are able to advise clients, are familiar with the importance of those activities. You are familiar with the importance of data security and are knowledgeable with regard to IT operations and security risks side of these activities.
What Are We Looking For / Essential skills and competencies:
- Experience working in the role IAM/PAM deployment engineer/consultant, IAM/PAM deployment engineer/consultant, and practical experience in the field of IT/Information Security is required.
- Experience working in Financial Services; Manufacturing, Retail & Transport; Public & Health; Telecommunication, Media and Utilities
- Master or bachelor's degree in relevant areas (technical, IT studies preferred)
- Security enterprise architecture knowledge certifications or security industry certification is required including but not limited to SABSA, Togaf, Vendor Certification of professional IAM/PAM Platform and practical working knowledge of one of the following IAM/PAM platforms: Microsoft Identity Manager, Azure PIM, ForgeRock, Sailpoint, CyberArc, One Identity, Dell IAM Solutions, Courion, NetIQ, Quest, Ping, Evidian/DirX, (the more cross platform knowledge the better)
- Other security certifications like: CISA, CISSP, SSCP, SANS GSEC, ECSA, ECSP, CEH, OSCP, CompTIA Security+ or equivalent certification is a plus
- Professional, timely implementation of technical security roadmaps related to on-site or cloud security of IAM/PAM.
- Experience in deployment of IAM/PAM solutions within Microsoft Azure, Amazon Web Services (AWS) and, preferably, other cloud providers.
- Intimately familiar with IAM related protocols such as SAML, SPML, XACML, SCIM, OpenID and OAuth.
- Experience working with cloud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies.
- Federation concepts and technologies particularly with solutions from ADFS and Ping Identity.
- In-depth experience with Microsoft Azure, particularly Azure AD and architecture designs connecting Azure to enterprise infrastructure.
- Experience implementing adaptive web-based authentication/authorization policies using a centralize web access management system
- Strong experience with Directories, like AD, LDAP, SSO, Federation, Delegated administration, API gateways, SOA services.
- Strong understanding of cloud computing architecture, technical design and implementations, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS) delivery models.
- Expert level experience in Cloud Authentication and Access management Services.
- Expert level experience in cloud solution development with Azure, AWS, Google, or other relevant cloud solution architectures.
- Integrate OpenAM and/or OpenIDM with backend systems (such as Oracle, AD and OpenDJ)
- Integrate OpenAM and/or OpenIDM with cloud-based systems (Google Apps, Salesforce, O365)
- Configure OpenAM/OpenDJ/OpenIDM in a highly-available environment
- Deploy and Configure OpenAM and/or OpenIDM in a cloud environment (e.g. Amazon AWS)
- Lead customers in developing an IDM deployment roadmap and migration from legacy IDM systems to ForgeRock's Open Identity Suite, Sun's IDM Suite, etc.
- Integrate OpenAM and/or OpenIDM with modern Development and DevOps tools (e.g. Puppet, Docker, GitHub, Python, Bash and Maven)
- Be able to diagram, document and present IDM architecture designs to customers and potential customers based on unique requirements per their industry (e.g. K12, Banking, Federal, DoD)
- Good understanding of Multi-Factor authentication and Privileged Access Management
- Experience in various techniques of securing and governing access to web-based applications
- Experience with web application platforms (e.g. Apache Web Server, Tomcat, or JBoss)
- Good understanding of TCP/IP and RESTful based architectures
- 2-3 years of web-based software development (e.g. J2EE, PHP, Python)
- Must have working knowledge and understanding of networking technologies such as LAN, WAN, TCP/IP, load balancers, firewalls etc.
- Strong critical thinking and analytical skills and ability to think "out of the box" required.
- Must be able to work independently or with a team, under minimum supervision, reporting to Project Manager of given assignment or Line Manager.
- Excellent customer service and communication (oral / written) skills required.
- Fluent English is a must, Intermediate or Fluent German or French is a great plus
- International mobility to serve our global clients and work with our global clients (50-100%) Europe or other continents. You accept readiness to travel up to 80-100% on average 60% also there are remote projects dependent on the assignment, mainly Europe but other continents are also possible.
- EU work permit is a must, US visa is a plus
- UK Security Clearance or UK citizenship - is a big plus
- Location - anywhere in Poland close to an international airport. Warszawa, Wrocław, Kraków, Łódź preferred.
Why you should join us:
- Participation in the international consulting projects along with the opportunity of implementing your own ideas and improvements
- Working for large clients in all sectors (like public, manufacturing, retail, finance, telecom, transport)
- Internal and external (technology) courses
- Access to our knowledge library and interdisciplinary e-learning portals
- A good salary and attractive extra benefits
- Excellent career opportunities
- The opportunity to work on complex projects for interesting clients
- Working in an innovative environment with ambitious colleagues and a committed practice partner and practice manager.
We take care of your personal data privacy. More information about processing your personal data within recruitment process you can find on our website: https://atos.net/pl/polska/gdpr.