Job Description

Advanced Systems Design is seeking a  Systems Architect   for our client located in Tallahassee, FL .

This position is onsite in Tallahassee, FL, and requires in-person availability starting day 1. 

Job Overview:

This position is responsible for the implementation and configuration of the identity and access management platform, OKTA . This includes Universal Directory, Single Sign-On, Adaptive MFA, Lifecycle Management, Identity Governance, and Privileged Access. We require expertise in best practices for identity and access management (IAM) and a strong understanding of the Okta platform.

The Systems Architect will be directed and managed by the Office of Information Technology (OIT) to ensure the Okta implementation's architecture and configuration align with Department-wide identity and access management standards and objectives.

Okta Implementation and Configuration
The Systems Architect shall be responsible for implementing and configuring the following Okta modules to meet specific requirements:

Universal Directory (UD)
Establish Okta as the central source of truth for user identities.
a. Configuration and maintenance of Okta Universal Directory.
b. Integration of Okta with existing directories (e.g., Active Directory) and HR systems.
c. Design and implementation of user schema and group structures.

Adaptive Multi-Factor Authentication (MFA)
Implement adaptive MFA across all our applications to enhance security.
a. Implementation and configuration of Adaptive MFA policies.
b. Integration of MFA with various applications.
c. User enrollment and support for MFA.

Integration with Zero Trust Network Access (ZTNA) Tool
Integrate Okta with our existing ZTNA solution.
a. Collaboration with the ZTNA team to integrate Okta.
b. Configuration of Okta to support ZTNA policies.
c. Troubleshooting integration issues.

Lifecycle Management (LCM)
Implement automated user provisioning and de-provisioning based on approval workflows and the principle of least privilege. This includes assisting in identifying and defining appropriate roles based on positions and responsibilities.
a. Development and implementation of automated provisioning and de-provisioning workflows.
b. Configuration of application integrations for LCM.
c. Ongoing maintenance and optimization of LCM processes.

Role-Based Access Control (RBAC)
Design and implement a robust RBAC model within Okta.
a. Design and implementation of RBAC models within Okta.
b. Assignment of roles and permissions to users.
c. Review and maintenance of the RBAC structure.

Identity Governance (IG)
Configure access certifications, particularly with a focus on privileged access roles. Implement reporting, auditing, and overall governance on identity data and access.
a. Configuration and execution of access certifications.
b. Generation of reports and audit logs related to identity and access.
c. Implementation of identity governance policies.

Privileged Access (PA)
Implement Just-In-Time (JIT) access, step-up authentication, and session isolation and monitoring for privileged users.
a. Configuration of JIT access and step-up authentication.
b. Implementation of session monitoring for privileged users.
c. Documentation of privileged access procedures.

Required Qualifications:

• 10+ years of documented experience in Information Technology, with a strong focus on Security and Identity and Access Management (IAM).
• Hands on Experience implementing and configuring enterprise identity platforms, particularly Okta.

Preferred Qualifications:

• Deep technical expertise in the Okta platform, including advanced configuration and management.
• Proven ability to architect and implement Okta solutions in complex environments.
• Experience with integrating Okta with various applications and security tools (like ZTNA).
• Designing and implementing automated provisioning workflows and Role-Based Access Control (RBAC) models within Okta.
• Experience with access certifications, particularly for privileged access roles.
• Setting up and utilizing Okta's reporting, auditing, and identity governance functionalities.
• Implementing Privileged Access features such as Just-In-Time (JIT) access and step-up authentication.
• Excellent verbal and written communication skills, including the ability to articulate complex technical concepts related to identity and access management to both technical and non-technical stakeholders (security teams, application owners, end-users).
• Ability to clearly document system configurations, integration processes, and architectural designs related to identity management.
• Facilitation of technical discussions and workshops related to identity and access management design and implementation.
• Ability to present identity management solutions and recommendations effectively to various audiences.
• Understands the importance of clear and timely communication regarding project status, risks, and issues related to the identity management environment.
• Proactively shares knowledge and best practices related to identity management with the internal team.
• Deep and comprehensive understanding of enterprise-level identity and access management platforms, including directory services, single sign-on (SAML, OAuth 2.0, OIDC), multi-factor authentication, lifecycle management (provisioning, de-provisioning, workflows), identity governance (access certifications, SoD), and privileged access management (JIT, step-up).
• Strong understanding of integration methodologies for connecting identity management systems with various SaaS applications, on-premises systems, directories (AD, LDAP), and custom applications using standard protocols and APIs.
• Working knowledge of security protocols and best practices related to authentication, authorization, and identity management.
• Understanding of network concepts relevant to identity management system deployment and integration (firewalls, proxies, etc.).
• Familiarity with scripting languages (e.g., PowerShell, Python) for automation tasks within or related to identity management.
• Knowledge of API integration and management, particularly with identity management platform APIs.
• Strong analytical skills to diagnose and resolve technical issues within the identity management environment and its integrations.
• Ability to translate business requirements into effective and secure identity management configurations and policies.
• Excellent troubleshooting skills for authentication, authorization, provisioning, and other identity management-related problems.
• Ability to identify potential risks and propose mitigation strategies related to the identity management implementation.
• Keeps abreast of the latest features, updates, and security best practices in the identity and access management landscape.
• Ability to optimize identity management system configurations for performance and scalability.
• Ability to guide the technical implementation of the identity management platform based on best practices and architectural principles.
• Experience in designing scalable and secure identity management solutions to meet current and future needs.
• Ability to make sound technical decisions regarding platform configuration and integration strategies.
• Mentors and guides internal team members on identity management best practices and technical aspects.
• Ability to effectively collaborate with security teams, application owners, network engineers, and other stakeholders during the identity management platform implementation.
• Acts as a technical liaison between different teams regarding identity management-related matters.
• Willingness to assist in various technical tasks related to the identity management deployment.
• Facilitates technical discussions and knowledge sharing about the identity management platform within the team.

Advanced Systems Design, Inc. is:

• A leading Information Technology provider for Federal, State & Local government agencies.
• A certified minority-owned small business government contractor with capabilities related to Public Health IT, Criminal Justice, Transportation, and Defense.
• A certified service-disabled veteran-owned company with a proud 42-year track record of providing successful innovative solutions for our government customers.
• A drug-free workplace in accordance with the Drug-Free Workplace Act of 1988. 
• Applicants who have a signed offer of employment or contractor agreement are subject to:
  • the pre-employment testing protocol:
    • background investigation
    • drug screening

Our Employees:

• Are actively working on next-generation technology projects with the U.S. Department of Veterans Affairs, CDC, and a wide array of Federal, State, and Local agencies throughout the United States
• Are eligible for wide-ranging benefits and perks, including but not limited to:
  • Comprehensive Health Insurance with PPO and HDHP/HSA options
  • Dental Insurance
  • Vision Insurance
  • Short/Long-Term Disability
  • Group Life Insurance - Company Paid
  • Voluntary Life Insurance
  • 401(k) Plan with Employer Match
  • Paid Time Off (Vacation/Sick)
  • Holiday Pay - Company Paid Federal Holidays
  • Tuition Assistance
  • Professional Certification Incentive Plan
  • Employee Referral Plan
  • Technology Exposure

For additional information regarding Advanced Systems Design, please check out our WEBSITE or click HERE for all current job openings.

Advanced Systems Design is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Job Tags

Holiday work, Full time, Temporary work, For contractors, Local area,

Similar Jobs