Identity Management Engineer

📁
Information Technology
💼
IC-Information Technology
📅
87174 Requisition #

Berkeley Lab’s Information Technology (IT) Division has an opening for an Identity Management Engineer to join our Collaboration Services Group!

 

In this role, you will be responsible for monitoring, developing, documenting, and maintaining the performance of complex systems and creating scripts and applications to support operations.  This role will serve as a member of the IT Collaboration Services Group and provide support to Berkeley Lab’s institutional Identity Management Service (IDM). You will help build our capabilities to enable enterprise security and scientific collaboration using a combination of tools and technologies.  This position will help manage systems and services from our own on-premises infrastructure; operate our growing array of cloud services, including IaaS, PaaS, and SaaS solutions; and work with scientific and enterprise groups across the Laboratory to implement identity solutions for their services. 

 

What You Will Do:

  • Keep existing software, services, and operating systems up-to-date and running with high availability.  Our systems provide access to and support virtually every business and collaboration system at the Laboratory, including our financial, HR, and G Suite services.

  • Collaborate with members of the Laboratory community directly and with their vendors to integrate our identities with their applications.

  • Develop, enhance, and customize custom-developed and third-party software used in our environment.

  • Continue the migration of our existing application base from standalone processes and Docker containers to container orchestration solutions.

  • Work with the cybersecurity team to ensure that our identity solutions are enhancing the security of Laboratory systems and services.

  • Evangelize identity management services throughout the Laboratory community by demonstrating technical competence in these areas and providing excellent customer service.

  • Participate in the conception, planning, implementation and support of new services and capabilities.

  • Provide tier II support for LBNL’s G Suite services by interfacing with G Suite support for technical issue resolution.


What is Required:

  • Bachelor’s Degree or equivalent training/experience and a minimum of 4 years of related professional experience or an equivalent combination of education and experience.

  • Experience integrating diverse information/directory systems with homegrown solutions; well-versed in scripting from whole-cloth as well as extending existing solutions. 

  • Experience with the deployment and support of web servers and web services, such as Apache httpd, Apache Tomcat, Jetty, and NodeJS with Express.

  • Hands-on experience with web single sign-on solutions, especially SAML and OpenID Connect, with specific experience with the Shibboleth Identity Provider.

  • Broad exposure to programming language in a DevOps setting, including Javascript/NodeJS, Perl, Python, Java and Go.

  • Knowledge and experience with directory services such as OpenLDAP and Active Directory.

  • Understanding of multifactor authentication with OATH OTP tokens, U2F/WebAuthn/FIDO2, and PKI/smart cards.

  • Deep understanding of web protocols, especially web session handling.

  • Working knowledge of relational database management systems such as Oracle, MS SQL Server, and MySQL.

  • Excellent troubleshooting skills with the ability to work on and resolve complex technical issues.

What We Desire:

  • Advanced degree in Electronics Engineering, Computer Science, Computer Systems Technology.

  • Experience in a research environment or a customer service delivery organization.


The posting shall remain open until the position is filled.


Notes:

  • This is a full time, M-F, exempt from overtime pay (monthly paid), Career appointment.

  • Salary is commensurate with experience.

  • This position may be subject to a background check. Any convictions will be evaluated to determine if they directly relate to the responsibilities and requirements of the position. Having a conviction history will not automatically disqualify an applicant from being considered for employment.

  • Typically work will be performed at Lawrence Berkeley National Lab, 1 Cyclotron Road, Berkeley, CA, however, this position has the option of working remotely, but is limited to individuals residing within the United States.


Learn About Us:

Berkeley Lab (LBNL) addresses the world’s most urgent scientific challenges by advancing sustainable energy, protecting human health, creating new materials, and revealing the origin and fate of the universe. Founded in 1931, Berkeley Lab’s scientific expertise has been recognized with 13 Nobel prizes. The University of California manages Berkeley Lab for the U.S. Department of Energy’s Office of Science.


Working at Berkeley Lab has many rewards including a competitive compensation program, excellent health and welfare programs, a retirement program that is second to none, and outstanding development opportunities.  To view information about the many rewards that are offered at Berkeley Lab- Click Here.


Equal Employment Opportunity: Berkeley Lab is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, or protected veteran status. Berkeley Lab is in compliance with the Pay Transparency Nondiscrimination Provision under 41 CFR 60-1.4.  Click here to view the poster and supplement: "Equal Employment Opportunity is the Law."


Lawrence Berkeley National Laboratory encourages applications from women, minorities, veterans, and other underrepresented groups presently considering scientific research careers.

Previous Job Searches

My Profile

Create and manage profiles for future opportunities.

Go to Profile

My Submissions

Track your opportunities.

My Submissions
Please try again.

Oops!

Either there was a problem on our end with the action you just performed, or we are currently having technical difficulties with our system. Please try again later.

Equal Employment Opportunity: Berkeley Lab is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, or protected veteran status. Berkeley Lab is in compliance with the Pay Transparency Nondiscrimination Provision under 41 CFR 60-1.4. Click here to view the poster and supplement: "Equal Employment Opportunity is the Law."

 

Privacy & Security Notice | LBNL is an E-verify Employer | Contact Us


The Lawrence Berkeley National Laboratory provides accommodation to otherwise qualified internal and external applicants who are disabled or become disabled and need assistance with the application process. Internal and external applicants that need such assistance may contact the Lawrence Berkeley National Laboratory to request accommodation by telephone at 510-486-7635, by email to eeoaa@lbl.gov or by U.S. mail at EEO/AA Office, One Cyclotron Road, MS90R-2121, Berkeley, CA 94720. These methods of contact have been put in place ONLY to be used by those internal and external applicants requesting accommodation.