Cyber security professional

The Cyber security delivery team that owns the managed security services for this client, has an opening for an MFA & SSO Engineer specialized inMFA: RSA,2FA/ MFA & Microsoft MFA, SSO: Ping Federate, CA SiteMinder, Passport & Optimum

Technical Skills:

Experience with Enterprise SSO solutions like Ping, Azure and SiteMinder

Familiarity with ADFS, Kerberos, NTLM, OAuth, SAML, and other authentication methods

Strong hands-on Java/JEE experience

Familiarity with SNOW workflows

Experience with web application servers (Tomcat, WebSphere, WebLogic, JBOSS, etc.)

Knowledge of enterprise directories (LDAP, Active Directory SQL)

Knowledge of enterprise systems (Workday, ServiceNow)

Experience with the following web technologies (XML, SPML/SOAP, Web Services, etc.)is a plus

Experience on RSA MFA

Manage user access on AD/Windows

Good to have hands-on experience to integrate with Risk-Based Authentication methods

Familiarity with ADFS, Kerberos, NTLM, OAuth, SAML, and other authentication methods

Operational experience in Active Directory & Authentication processes

Perform advanced provisioning functionalities on Authentication services like RADIUS and RSA

Knowledge of Audit support

Knowledge of UNIX

Troubleshoot and resolve authentication, authorization and integration problems

Good understanding of various regulatory-related practices (SOX, HIPAA, GDPR, FDA, PCI, etc.) preferred

Process Skills:

Daily check the health status of all the RSA components and backup process in Production

Maintaining an exception list database for users who can import tokens on desktop. Verifying and approving ARP requests for desktop tokens based on the exception list

Upload licenses and token files to the RSA console

Upload new HDAP, SSP and AMIS certificates in prime servers when old certificates got expired.

Managing all RSA servers certificate inventory.

Apply approved patches and new software versions in a lower life cycle and assist the Quality Assurance team in regression tests

Participate with THD Engineer in applying approved patches and new SW versions in production

Handle and manage the token expiration campaign and token renewals

Formulate mail communication specific to the token profile used by the user and send the initial mail through IT Technology communication as part of the token expiration campaign

Open tickets with RSA and work with RSA directly to resolve issues providing all the requested information and logging

Check and disable if RSA tokens are installed on unauthorized desktops.

Manage the ITSM user and system tickets related to RSA Level 1 / 2 scope

Manage RSA Token Administrator mailbox for requests pertaining to RSA system issues

Create and implement change requests for the Production Support changes assigned to VENDOR

Manage hard token inventory

Remove tokens from user profiles that have been unused for more than 90 days

Clean up disk space as per threshold s in Production and non-Production servers in scope

Remove the expiring and expired tokens from the system in the lower life cycle and Production

Participate in the integration of new applications with RSA in Lower life cycle and Production

Remove duplicate/inactive tokens from user profiles that use up the licenses

Troubleshoot user issues

Support the Engineering team in creating and maintaining dashboard and ing configurations in the THD SIEM solution

Review dashboards and s in order to detect anomalies and/or issues

Create and maintain RSA SecurID guides and contribute to the creation of the MFA section of the Cybersecurity service catalogue.

Ensure that the RSA SecurID section in the Workbench portal is always up-to-date and accurate

Support THD Help Desk L1 in improving Knowledgebase articles and inform them about new features or changes in the existing process.

Update and maintain the RSA SecurID Operation Guide

Prepare weekly and monthly reports

Participate with THD Engineer to design, develop and test new features, processes and technologies related to MFA.