Skip to Main Content

Identity and Access Management Engineer (Forgerock)

IT SYSTEMS TECHNICAL SPECIALIST

Recruitment #23-004488-0022

Go Back View Benefits

Introduction

When you join the Maryland Department of Human Services (DHS), you join a team of more than 5,000 employees across the state dedicated to positively changing the lives of more than 1 million Marylanders each year. We do this by providing economic support, preventive services, and caring for children and adults. 


We aim to deliver services so that we more quickly meet the needs of the people we serve. At DHS, we grapple with hard questions to find new ways to foster a culture of bold innovation. We do this to ensure that in Maryland, we achieve Governor Wes Moore’s pledge to leave no one behind.

This is a full-time contractual position.

GRADE

19

LOCATION OF POSITION

Department of Human Services
MD THINK 
849 International Dr.
Linthicum Heights, MD 21090

Main Purpose of Job

The IAM (Identity and Access Management) Engineer will play a critical role in ensuring the security and efficiency of our organization's digital assets by designing, implementing, and maintaining our IAM systems. The ideal candidate will have a deep understanding of IAM principles, experience with IAM technologies, and a strong commitment to safeguarding sensitive information. The ideal candidate will also have a clear understanding of account authentication using Forgerock.

POSITION DUTIES

  • Develop, implement, and maintain IAM solutions, including identity provisioning, access control, authentication, and authorization mechanisms using Forgerock.
  • Design IAM workflows, policies, and procedures to ensure secure and efficient access management.
  • Manage user onboarding, offboarding, and role changes, ensuring adherence to security policies and compliance requirements.
  • Automate user provisioning and deprovisioning processes to enhance efficiency.
  • Define and enforce access control policies, including role-based access control (RBAC), least privilege principle, and segregation of duties (SoD).
  • Conduct periodic access reviews and audits to maintain compliance.
  • Stay current with industry best practices, regulations, and compliance standards related to IAM, such as GDPR, HIPAA, and NIST.
  • Ensure IAM systems meet all security and compliance requirements.
  • Implement and maintain identity federation solutions for single sign-on (SSO) across applications and services.
  • Integrate IAM systems with external identity providers (IdPs).
  • Respond to IAM-related incidents, investigate security breaches, and perform root cause analysis.
  • Troubleshoot and resolve IAM system issues in a timely manner.
  • Maintain comprehensive documentation of IAM policies, processes, and configurations.
  • Generate reports and metrics related to IAM activities and security posture.
  • Collaborate with cross-functional teams, including IT, security, and compliance, to ensure IAM aligns with business goals.
  • Communicate IAM-related updates and recommendations to stakeholders.

MINIMUM QUALIFICATIONS

Experience: Seven years of experience designing, developing, testing, implementing and maintaining application, communication, database or operating systems software.

Notes:

1. Candidates may substitute graduation from an accredited high school or possession of a high school equivalency certificate and thirty credit hours from an accredited college or university in Computer Science, Computer Technology, Management Information Systems or other information technology-related field to include coursework in application, communication, database or operating systems software technology for four years of the required experience. 

2. Candidates may substitute graduation from an accredited high school or possession of a high school equivalency certificate and one year of experience designing, developing, testing, implementing and maintaining application, communication, database or operating systems software for four years of the required experience.

3. Candidates may substitute experience operating computer systems; or scheduling, controlling input and output to process data on computer systems; or evaluating, implementing and maintaining computer hardware and software; or converting data from project specifications by developing program code using generally accepted computer programming languages on a year-for-year basis for a high school education.

4. Candidates may substitute the possession of a Bachelor's degree from an accredited college or university in Computer Science, Computer Information Technology, Management Information Systems or other information technology-related field to include coursework in application, communication, database or operating systems software technology and three years of experience designing, developing, testing, implementing and maintaining application, communication, database or operating systems software for the required experience.

5. Candidates may substitute U.S. Armed Forces military service experience as a commissioned officer in the Computer Systems Operations classifications or Computer Systems Operations specialty codes in the Information Technology field of work on a year-for-year basis for the required experience.

DESIRED OR PREFERRED QUALIFICATIONS

The ideal candidate will possess the following:
  • Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent work experience). 
  • Five years proven experience as an IAM Engineer or similar role, with a strong understanding of IAM concepts and technologies.
  • One year of Familiarity with IAM solutions such as Forgerock, Okta and AWS IAM.
  • One year of Knowledge of authentication protocols (e.g., SAML, OAuth, OpenID Connect).
  • One year of Proficiency in scripting languages (e.g., Python, PowerShell) for automation.
  • Three years proven experience of Development, implementation, and maintenance of IAM solutions, including identity provisioning, access control, authentication, and authorization mechanisms using Forgerock.

SELECTION PROCESS

Please make sure that you provide sufficient information on your application to show that you meet the qualifications for this recruitment. It is important that you report all related education and experience that is relevant to this recruitment qualifications. We will not consider information submitted after this date.  Successful candidates will be placed on the employment (eligible) list. The resulting list may be used for future vacancies with this agency.

BENEFITS

Contractual employees who work for an agency covered under the State Employee and Retiree Health and Welfare Benefits Program, have a current employment contract and work 30 or more hours a week (or on average 130 hours per month) may be eligible for subsidized health benefits coverage for themselves and their dependents. As a contractual employee, you will be responsible for paying 25% of the premiums for your medical and prescription coverage, including any eligible dependents you have enrolled. The State of Maryland will subsidize the remaining 75% of the cost for these benefits. You can also elect to enroll in dental coverage, accidental death and dismemberment insurance, and life insurance, but will be responsible to pay the full premium for these benefits.

 

Leave may be granted to a contractual employee who has worked 120 days in a 12 month period. This leave accrues at a rate of one hour for every 30 hours worked, not to exceed 40 hours per calendar year.

FURTHER INSTRUCTIONS

The online application process is STRONGLY preferred. If you are unable to apply online, you may mail a paper application and supplemental questionnaire to, Department of Human Services, Employment Services, Attention: Kendra Young, 311 W. Saratoga Street, Room 145, Baltimore, Maryland 21201.

If you have any questions concerning the recruitment process for this position, please email Kendra Young at kendra.young2@maryland.gov; include the job title and recruitment # in the subject line.

If you are having difficulty with your user account or have general questions about the online application system, please contact the MD Department of Budget and Management, Recruitment and Examination Division, at 410-767-4850 or Application.Help@maryland.gov. 

TTY Users: call via Maryland Relay.

As an equal opportunity employer, Maryland is committed to recruiting, retaining and promoting employees who are reflective of the State’s diversity. People with disabilities and bilingual candidates are encouraged to apply. We thank our Veterans for their service to our country.



Powered by JobAps