ForgeRock Identity Manager Architect/Engineer

About the Opportunity:
Hybrid Pathways is currently looking for an experienced ForgeRock Identity Management Engineer Lead
for our client. Our client requires a ForgeRock Identity Management Engineer Lead to deploy
ForgeRock’s Autonomous Identity (AutoID) technology platform and tools in alignment with customer’s
user access strategy, business requirements, and identity life cycle. The Identity Engineer will participate
in the development of IAM strategies and product roadmaps and translate them into successfully
delivered projects. This role also includes ongoing analyses and assessments of access, access patterns
and control risks to proactively identify and mitigate potential identity threats. This is a 6-month remote
opportunity with the possibility of going full-time for the right candidate.

Responsibilities:
• Enterprise and application role owners and analysts can quickly identify and understand the
role composition of low-, medium-, and high-confidence roles and entitlements.
• Leverage AI/ML techniques to enable role engineers to review, evaluate, and visualize existing
roles and role models.
• Help the organization optimize the existing role model and create fewer, but higher quality
roles over time.
• Identify overprivileged entitlements and role access patterns and automatically remove
unnecessary entitlements and roles.
• Enable the provisioning of appropriate access to applications, systems, and data with
advanced and modern authentication through business rule definition of roles to feed the
Identity Management Systems (IDMS).
• Integrate with privileged access management services.
• Identify and evaluate complex business and technology risks, internal controls which mitigate
risks, and related opportunities for internal control improvement for role-based access
control.
• Evaluate and support complex IAM and technology risks, internal controls which mitigate
risks, and related opportunities for internal control improvement.
• Communicate the IAM aspects of both the production support and maintenance at the
technical and functional level to maintain or resolve a technical situation.
• Facilitate use of technology-based tools or methodologies to review, design and/or
implement products
• Onboard roles onto the ForgeRock platform by engaging with the app teams, understanding
their workloads, and incorporating those requirements for app role onboarding.
• Provide technical workflow, oversight and management application onboarding activities
driving the needs assessment, requirements definition, and collaboration across the
functional, technical and project management teams.
• Manage technical SDLC documentation such as business, compliance and technical.
• Maintain working knowledge of industry trends, common customer expectations, and
competition
• Develops the strategic technical platform approach for IAM and other programs within the
scope of the Identity Engineer's responsibility.

Required Skills:
• Bachelor's degree in the field of computer science, information science, management
information systems, or business administration or equivalent experience relevant to this
position.
• Minimum of 8 years related work experience required.
• Working hands on knowledge of ForgeRock’s identity solutions. Familiarity with other vendor
solutions would be a bonus. These solutions include other role modeling technologies that
leverage ML such as SailPoint.
• Exposure to other identity management technologies such as Okta, Microsoft Active
Directory, Microsoft Identity Manager, Azure AD, Azure AD Privileged Identity Management,
& Amazon based Authentication such as Cognito
• At least 6+ Years of expert-level hands-on experience in IAM & related technologies, including
Active Directory, Directory Services, Single Sign-On, LDAP, PKI, Cloud Directory Services,
Authorization & Authentication Technologies, User Provisioning, Privileged Access
Management, Role-Based Access Control (RBAC), etc.
• Hands-On experience with one or more IAM tools - Sailpoint, Okta, or Quest One.
• Thorough familiarity with standards such as SAML, WS-Sec; SOAP; REST, OATH; OAuth2.0;
Digest, XML, JSON, REST, etc.
• Excellent written and verbal communication skills
• Ability to work as liaison between business and information security/information technology
• Flexibility to accommodate working across different time zones.
• Excellent interpersonal communication skills with strong spoken and written English.
• Organizational skills with attention to detail.
• Business outcomes mindset.
• Solid balance of strategic thinking with detail orientation.
• Collaborative team worker – both in person and virtually using MS Teams or similar.
• Self-starter, ability to take initiative

Preferred Skills:
• CISSP, CISM, or equivalent certification a plus.

Required Education:
• BS in Computer Science or related field of study, or equivalent work experience.